This document shows, how you can install the SoSafe Phishing Alert Button Add-in for Outlook, if you use Microsoft Office 365. 

Using the Phishing Alert Button, all your employees can report suspicious emails as phishing attempts in their Outlook mail program. If the reported email was one of our phishing simulations, the user receives a message, that he successfully detected our phishing attempt. If the reported email is none of ours, the case will be automatically forwarded to the IT-department, for examination. The forwarding address can be chosen freely. If you have any questions, please contact us at any time.


One of the following servers is required:

  • Office 365 for Business / Office 365 for Education
  • Exchange Server 2016 (only Hybrid), Version 15.1.544.27 (CU3) or later version

Furthermore, you should have received a manifest file in XML-format (sosafe-manifest-o365.xml), which is needed for the installation. 

After the installation is completed the button can be used in the following mail clients: 

  • Office 365 Outlook Web Access (OWA)
  • Outlook for Office MSO
  • Outlook 2016 for Windows (only in Click-to-Run installation)
  • Outlook 2016 for Mac
  • Outlook for iOS
  • Outlook for Android


Step 1

Log on to your admin center and click on “Admin”.

Step 2

Click on “Show all” on the left sidebar and select “Settings” (1) à “Services & add-ins” (2).

Step 3

Click on “Deploy Add-In”.

Step 4

Select the option “I have the manifest file (.xml) on this device.” (1) and click on “Browse” (2).

That will open a window, where you select the provided manifest file in the .XML-format (sosafe-manifest-o365.xml). Then press “Open”.

Step 5

The name of the manifest file should be visible next to the browse-button. Press “Next”. The manifest file will be processed quickly.

Step 6

The option “Everyone” should be predefined. Click on “Deploy now”.


Step 7

You should now receive the following message:

Click on “Next” and in the following window on “Close”. After that, the installation is completed. 

Note: After the above mentioned steps, the Add-In will be provided within the next 12 hours. Best log off right away from your Microsoft Online Account and log back on. Check, if you can find the Add-In as mentioned below. Should that not be the case, check again after 12 hours. 

The Add-In Sosafe Phishing-Reporting should be visible in the overview “Services & add-ins” (c.f. Installation, Step 3):



If you do not want to use the button anymore, you can uninstall it within three easy steps. 

Step 1

Open the overview “Service & add-ins” (c.f. Installation, Step 3). Press on the Add-In “SoSafe Phishing-Reporting”.


Step 2

A new window will open. There click on "Delete Add-In”.

Step 3

Click on “Yes”.

Copyright, 2019, SoSafe GmbH

In case of problems or other questions, please contact us anytime: