A 2018 report from the Comodo Security Threat Lab, reveals that, generally speaking, about 50% of your computer using employees will click on a link sent via email from an unknown user. Whether you are an enterprise executive, IT admin, cybersecurity professional, or a simple user of company-owned technological systems, that statistic should disturb you considerably.
The ease of developing a socially engineered attack, and the effectiveness of those attacks when implemented, is what makes them so prevalent in the first place. Employees at all levels of the enterprise must be continually reeducated and retrained to take proactive steps toward preventing the effectiveness of such malicious attacks or they will continue to escalate.
Microsoft Office 365 has dozens of security and threat-reduction features which IT admins can use to combat cyberattacks, but one in particular depends on the participation and cooperation of employees using Outlook. If enabled by the Office 365 admin, Report Message allows users to report phishing and other suspicious email to Microsoft for further analysis with a single click of the mouse.
This tutorial explains how to turn on the Report Message feature for Office 365 Outlook users.
SEE: Phishing attacks: A guide for IT pros (free PDF) (TechRepublic)
Technically speaking, Report Message is an add-on for Outlook and not a standard feature. Therefore, Report Message must first be downloaded and installed. Individual users can just call up the Office Store and search for the add-on to install it, but in an enterprise setting, the Office Admin must perform the procedure.
Login to Microsoft Office 365 using the online portal and navigate to the Admin Center, and then click the Exchange section, as shown in Figure A.
Navigate to the Organization section of the Exchange Admin Center and click the Add-ins link. Assuming you have not downloaded it yet, click the link to find more add-ins for Outlook from the Office Store. (Figure B)
Click the search button on the Office Store page and look for Report Message. It should be the first result listed. Click that link to be taken to the download/install page, which should look similar to Figure C. Click the Add button to start the process.
Once the Report Message add-in is installed, an admin still must enable it. Navigate back to the Exchange Admin Center and click the Add-ins link as before. There should be a new entry for Report Message, double-click it (Edit) and then press the enable radio button of your choice. (Figure D)
Save your changes. Now, when users have Outlook open they should see an icon that says Report Message. When users click that icon, they will be given several choices on how to classify their suspicious email:
- Not Junk
As an option, users will also have the opportunity to send their classification to Microsoft. The feedback will help Microsoft's email classification and threat-reduction protocols to be more accurate going forward. However, whether Microsoft is included or not, enterprise admins should always be notified of any suspect emails immediately.
A follow up how-to tutorial will explain how to set up a rule in Exchange that will send a copy of flagged emails to the appropriate enterprise admins using the Report Message add-in.
- Here are the 'most clicked' phishing email templates that trick victims (TechRepublic)
- How to prevent phishing attacks in Microsoft Outlook and Office 365: 3 methods (TechRepublic)
- Ransomware reigns supreme in 2018, as phishing attacks continue to trick employees (TechRepublic)
- What is phishing? Everything you need to know to protect yourself from scam emails and more (ZDNet)
How successful are phishing attacks in your organization? What have you done to mitigate the problem? Share your thoughts and opinions with your peers at TechRepublic in the discussion thread below.
Mark W. Kaelin has been writing and editing stories about the IT industry, gadgets, finance, accounting, and tech-life for more than 25 years. Most recently, he has been a regular contributor to BreakingModern.com, aNewDomain.net, and TechRepublic.