The phishing report button is a key tool for end users to report potential security threats.
At the same time, it provides administrators with valuable information for cybersecurity analysis and management within the instance.
SMARTFENSE has a Phishing Report Button for Microsoft Outlook and Office 365, as well as for Google Workspace – Gmail, and it can also be integrated with Microsoft Outlook's native Phishing report button.
Reports Within the Campaign
In the Audit - Campaign Details section of the phishing and ransomware simulations, for each sent campaign you can check the statistic phishing campaign reported or ransomware campaign reported.
From there, it is possible to see how many users have reported the email sent as part of the simulation.
To see in detail which users made the report, within the user table located below that window you can apply the filter Phishing campaign reported: Yes.
Important Considerations
Simulation emails reported by users will not send a report email to the configured address when using the SMARTFENSE report button.
On the other hand, emails that do not correspond to SMARTFENSE simulations will generate a report when using this same button.
However, if the native Microsoft Outlook button is used, the report will always be sent to the configured address, regardless of whether it is a simulation or not.
| Note: The reported emails statistics continue to be updated even after the campaign has ended, as users may still report emails received afterwards. |
Consolidated Report of Reported Emails
To view the complete report of reported emails corresponding to simulations, you must access the Audit > Phishing Report Button section.
In this section, each record includes the following information:
- Report date
- Username
- Scenario/Subject
- Corresponds to a simulation
- Campaign details
This data allows the administrator to analyze which users reported emails and determine if the reports correspond to a simulation campaign or to external emails.
Filters, Search, and Export
From the Audit > Phishing Report Button section, it is possible to:
Apply a start and end date filter to narrow the analysis period.
Use the search by Username, Scenario/Subject, and Corresponds to a simulation.
Export the audit records table in Excel or CSV format for external analysis or formal audits.
In cases where the report corresponds to a simulation, you can access more details from the associated campaign statistics.
You can review our workshop to learn in depth how to use the phishing report button and access its statistics and reports.
💡 Best Practices
- Regularly review reports to assess users' awareness level.
- Analyze which users correctly report simulations to identify best practices.
- Use the reports to adjust future phishing and ransomware campaigns.
- Export data for internal audits or cybersecurity maturity analysis.