This document shows you how to install the SoSafe Phishing Report Button as an add-in for Outlook when using Microsoft Exchange 2016.
With the Phishing Report Button, all your employees can report e-mails directly in their Outlook mail program as a phishing attempt. If the e-mail is one of our simulated phishing e-mails, the user will receive a message that this phishing attempt has been detected correctly. If the e-mail is not from us, it is automatically forwarded to the IT department, which can then inspect it. You are free to choose the forwarding address. Please contact us at any time if you have any questions.
One of the following servers is required:
Exchange 2016 - Version 184.108.40.206 (RTM) or later
You should also have received a manifest file in XML format (sosafe-manifest.xml) from us, which you will need for the installation.
The button can be used in the following programs after the installation is complete:
Outlook 2013 for Windows
Outlook 2016 for Windows
Outlook 2016 for Mac
Outlook 2019 for Windows
Outlook 2019 for Mac
Microsoft does not allow the use of add-ins in shared mailboxes. Therefore, you can only use the button in personal mailboxes.
Log in to your Exchange Admin Center and go to the "Organization" menu. Then go to the "Add-Ins" tab. Use the + symbol to select the "Add from file" activity.
Select the manifest file (sosafe-manifest.xml) you received from us and click "Next".
The add-in should now appear in the list of loaded add-ins.
Click the pencil icon to edit the add-in settings. Select the "Make this add-in available to users in your organization" checkbox. Select one of the three available options:
- Optional, enabled by default: Use this setting if you want to allow users to disable the add-in.
- Optional, disabled by default: Use this setting if you want to allow users to enable the add-in.
- Required, always enabled. Users cannot disable this add-in: Select this setting if you do not want your users to disable the add-in. (SoSafe recommendation)
With the Exchange Management Shell, you can limit add-in availability to specific distribution groups. To do this, the appropriate distribution group must be configured in the Exchange Admin Center in the "Recipients" menu on the "Groups" tab.
Attention: please note, that the add-in roll out for specific users for OnPremise installations only allows for a maximum of 1000 users. You can only decide between user lists with up to 1000 users or a roll out to all users. For the latter one, you are finished with the installation on this point.
Then run the following commands in the Exchange Management Shell:
Get-App -OrganizationApp | Format-List DisplayName,AppId
The list of Add-Ins appears as output. Find the add-in "SoSafe Phishing Reporting" and copy the AppId.
Then run the following command. Replace the placeholder for the distribution group accordingly:
$a = Get-DistributionGroupMember
Finally, run the following command - and replace the placeholder for the AppId accordingly
Set-App -Identity -OrganizationApp -ProvidedTo SpecificUsers -UserList $a.Identity -DefaultStateForUser Enabled
For control purposes, you can have the add-ins listed with their configured properties:
Get-App -OrganizationApp | Format-List DisplayName,AppId,Enabled,DefaultStateForUser,ProvidedTo,UserList
You should receive an output as follows:
Note: The add-in will be made available to you in Outlook within the next 12-24 hours after completing the steps described above.
If you no longer wish to use the SoSafe Phishing Report Button, you can uninstall it in two easy steps.
In the Exchange Admin Center, go to the "Organization" menu and the "Add-Ins" tab. Select the "SoSafe Phishing Reporting" add-in there. Thenclick on the erase icon.
A pop-up window will open and ask for your confirmation, click "Yes".