Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?


Endpoint Security

PhishMe Launches Outlook Add-in for Easy Reporting of Phishing Attacks

Chantilly, Virginia-based PhishMe, a company that teaches security awareness to help users identify “Phishing” or targeted attacks, today launched a new Outlook Add-in that lets users easily report suspected phishing emails with a single click.

Chantilly, Virginia-based PhishMe, a company that teaches security awareness to help users identify “Phishing” or targeted attacks, today launched a new Outlook Add-in that lets users easily report suspected phishing emails with a single click.

Generically named “Phish Reporter”, the tool is designed to help and improve threat detection and response. The new tool automatically discerns emails reported from PhishMe campaigns and emails reported from unknown sources, to help make sure that only potentially malicious emails are sent to security teams for further review.

PhishMe Logo“Phish Reporter collects reports of emails sent from PhishMe, noting which users reported them and sending the user acknowledgment of the successful report, thus completing the feedback loop and further enhancing employee capabilities,” the company explained. “This information is tracked and integrated into PhishMe’s comprehensive reporting metrics. Reports of unknown emails are forwarded to a designated location where they can be analyzed by an organization’s internal security team.”

“With the new Phish Reporter button, organizations can effectively turn their employees into spear-phishing sensors,” said Rohyt Belani, CEO and co-founder of PhishMe. “Many of our customers have successfully created an awareness culture in which employees can identify spear-phishing emails, but they lacked a fast, effective way to report these emails to the appropriate department within the organization. Phish Reporter will help fill this void.”

According to the company, Phish Reporter will help organizations:

• Retrieve time-stamped entries of reported phishing emails

• Create in-depth incident reports showing reported phishing emails over an extended period of time

• Provide a process to filter between phishing emails from PhishMe and real phishing emails

Advertisement. Scroll to continue reading.

• Gather specific information about potential attackers in a timely manner, thus reducing incident detection times and the cost of incident response.

“PhishMe has established a unique methodology for scoring a user’s ability to identify phishing attempts,” said Aaron Higbee, CTO and co-founder of PhishMe. “With each employee being a potential sensor, they can now become proactive contributors to the threat detection process and security teams can prioritize their analysis based a user’s scoring history.”

PhishMe is best known for its “spear phishing simulator” that places employees in real-world “spear phishing experiences” and presents them with appropriate training if they are found to be susceptible.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


The easiest way for a cyber-attacker to gain access to sensitive data is by compromising an end user’s identity and credentials. Things get even...


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Malware & Threats

Threat actors are increasingly abusing Microsoft OneNote documents to deliver malware in both targeted and spray-and-pray campaigns.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

CISO Strategy

Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies.

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.