Microsoft 365: This new one-click button lets businesses report scam emails

A new button and add-on for Microsoft 365/Office 365 accounts and Outlook allows employees to report scam emails directly to the UK’s National Cyber Security Centre (NCSC). 

The button is an upgrade to the NCSC’s existing Suspicious Email Reporting Service (SERS), which has received over 6.6 million reports since launching in April 2020. As of 30 June, NCSC had removed over 50,500 scams and 97,500 URLs.

While email filtering systems can stop some phishing attacks reaching staff inboxes, scammers are always looking for ways to bypass filters — for example, by hosting scams on Google cloud services, creating Office 365 phishing pages, or compromised SharePoint sites to trick victims into entering their work account credentials. 

SEE: This new phishing attack is ‘sneakier than usual’, Microsoft warns

The ‘typical’ phishing URLs that NCSC handles include tricking staff to click a link that downloads malware on a work computer, creating cloned login pages, and email with fake alerts about work software such as Microsoft Teams.

“Opportunistic scams during the pandemic have demonstrated how cyber criminals constantly find new ways to target us,” said NCSC technical director Ian Levy. 

“The good news is that you can help protect your workplace by forwarding suspected scam emails to the Suspicious Email Reporting Service (SERS) from your work email account at the click of a button.”

NCSC has provided guidance for admins to enable the Office 365 ‘Report Phishing’ add-in for Outlook.

The Report Phishing tool is actually made by Microsoft and can be installed from Microsoft’s AppSource site. After installing the add-in, admins need to create a mail flow rule to report phishing instances to SERS. After it’s enabled, a new Report Phishing button appears in main Outlook toolbar. For Outlook on the web, the Report Phishing button appears in the sidebar. 

“The NCSC’s Suspicious Email Reporting Service (SERS) enables the public to report suspicious emails by sending them to [email protected]. The SERS analyses the emails and where found to contain links to malicious sites, seeks to remove those sites from the internet to prevent the harm from spreading,” NCSC notes. 

SEE: Malware developers turn to ‘exotic’ programming languages to thwart researchers

The reports are sent to both Microsoft and the NCSC. 

For organizations that cannot install the Report Phishing button for Outlook, NCSC is still encouraging businesses to forward or attach scam emails to send to [email protected].