A new button and add-on for Microsoft 365 / Office 365 accounts and Outlook allow employees to report fraudulent emails directly to the National Cyber Security Center (NCSC) in the UK. The button is an extension of the NCSC’s existing Suspicious Email Reporting Service (SERS), which has received over 6.6 million reports since it was launched in April 2020. By June 30, the NCSC had blocked over 50,500 fraud attempts and 97,500 URLs.
While email filtering systems can prevent some phishing attacks from reaching employees’ inboxes, scammers are always looking for ways to bypass the filters – for example, by setting up scams– host cloud services, – Create 365 phishing pages or compromise SharePoint sites to trick victims into entering their work account credentials. One of the “typical” phishing URLs the NCSC deals with is tricking employees into clicking a link that downloads malware onto a work computer.
The Report Phishing tool is used byand can be installed from Microsoft’s AppSource website. After installing the add-in, administrators need to create a mailflow rule to report phishing instances to SERS. Once activated, a new “Report Phishing” button will appear in the main Outlook toolbar. Outlook on the web has a Report Phishing button in the sidebar.