Phishing Alert Button in Outlook (For Faculty/Staff)

Phish Alert Button in Outlook

Phishing is one of the biggest security concerns for any organization. Each student, employee, or guest with a Drake University account is a potential target for scammers. KnowBe4, the company Drake ITS contracts with to provide IT Security Awareness and phishing simulation training, also provides tools to help us protect our community from real-world phishing attacks.

ITS has implemented KnowBe4’s Phish Alert Button (PAB) in Outlook for Faculty and Staff. This button allows users to report suspected phishing emails easily and safely. It will appear in all Outlook platforms: desktop apps, mobile apps, and Outlook Web Access (OWA).

PAB

 

 

PAB Q&A

When should I use the PAB?

Phishing is an attempt to get personal or account information for malicious purposes, such as financial or identity theft. The PAB should be used any time you get an email you suspect to be a phishing or scam attempt. User reports are the best way for the Drake IT Security team to be alerted to potential attacks and help stop such scams.

The PAB should not be used to report spam (unwanted “junk” email) or emails you don’t want from services you use. These emails should be deleted.

If you need guidance about an email or want to ask a specific question instead of simply reporting the email, please forward the original message to informationsecurity@drake.edu with your question instead of using the PAB.

Where will I find the PAB?

In the Outlook desktop app, the PAB can be found on the tool ribbon across the top of the window.  

pab1

 In Outlook mobile apps, both iOS and Android, you can find the PAB by opening a message and tapping the three dots on the upper right of your screen.

A series of three screenshots locating the phishing button on a cell phone.

In Outlook Web Access (OWA), the PAB will be at the top of open messages, to the right of the email header.

owa5

You will likely see a notification the first time you log in after installation.

How do I use the PAB?

If you receive an email that you believe to be a phishing attempt, simply click the PAB using one of the methods described above. You will see a message asking you to confirm that you want to report the email as phishing. If you confirm, a copy of the email will be sent to the informationsecurity@drake.edu and the IT Security team will investigate. The original email will be moved to your Deleted Items folder.

I reported an email, but I need to see it again. Can I still see the email?

Yes. After you report an email using the PAB, the original message is moved to your Deleted Items folder. If you need to see an email you reported, select Deleted Items in your folders list and find the message. If you determine that the email is not a phishing attempt, you can move it back to your Inbox or the appropriate folder by either dragging it to the correct location on your folders list or right-clicking the message and selecting the desired folder in the “Move” menu.

I have a specific question about a suspected email. Can I include it when I report the email?

If you would like to request specific guidance about an email instead of simply reporting it as a phishing scam, please forward the original message to informationsecurity@drake.edu and include your question or request. For now, reports made using the PAB cannot include additional information or questions.

I don’t see the PAB in Outlook, or I have a question not answered here.

If you do not see the PAB in Outlook make sure you are using the latest version of Outlook and restart your device.

If you still cannot see the PAB or have another question, contact the ITS Support Center at 515-271-3001.

Additional Resources:

How Do I Use the Phish Alert Button (PAB) in Microsoft Outlook? (KnowBe4.com)

How Do I Use the Phish Alert Button for Microsoft 365? (KnowBe4.com)

KnowBe4 Security Docs: Using the Phish Alert Button – Outlook desktop (PDF) and Outlook 365 – Web Access (PDF)

Print Article

Related Services / Offerings (1)

Report any email you receive that you think might be a phishing attempt.