Using the Phish Alert Button (PAB)

BE A HERO!

Use the Phish Alert Button

You receive an email asking you to take an action. Sounds suspicious, right? But don’t worry. You can be a hero by taking the correct action–and giving your IT department the information they need to defend your organization against the effects of malicious email attacks. It’s easy. Thanks to the Phish Alert Button, or PAB for short.

How do I know what to report?

You should only report messages you suspect are malicious, like phishing or spear phishing emails. Reporting annoying messages, like spam, to IT will waste their time and resources.

Spam is unsolicited and unwanted email, typically sent to try to sell you something. While it is often annoying and misleading, it is rarely malicious. Phishing messages are bulk emails, typically appearing to be from a reputable source, that ask you to take a specific action that can cause damage to you or your organization. These messages are malicious. Spear phishing emails are targeted attacks on a person or organization, occurring after detailed research in order to make them seem especially real. These messages are extremely malicious and can lead to very damaging consequences.
Simply delete it! Report it with the PAB! Report it with the PAB!

Where do I find the PAB in Outlook?

  1. PAB in Microsoft 365
  2. While viewing your email look for the the Phish Alert Button (PAB) in the Outlook ribbon at the top of your screen.  If the PAB add-in is not displayed in the Apps launcher, click Add apps. Then, locate and add the PAB add-in. You can also pin the PAB add-in to the toolbar at the top of an open email. To pin the add-in, click the ellipsis icon and select Customize actions. Or, navigate to Settings > Mail > Customize actions. Then, select the Phish Alert add-in and click Save.
  3. Note: While viewing emails through Outlook online, the button will appear above the email message content. 


 

PAB in the Microsoft Outlook Mobile App for Android

 

PAB in the Microsoft Outlook Mobile App for Apple iOS

1.Report: Report suspected phishing emails by clicking the Phish Alert in the ribbon. ​​​​​​

  1. Confirm: Once you click to report, the pop-up will prompt you to confirm your action. Once confirmed, the suspicious email will be immediately forwarded to your IT team.

Stop. Look. Think. Report!

Remember, you are the last line of defense against email based criminal activity. Never click on a link or open an attachment in any unexpected or unsolicited email. If you are uncertain, follow your organization’s security policy–or ask your IT team for advice.

100% helpful - 4 reviews