Recommendation Option: Use of Outlook reporting button
While we offer the PhishArm plugin as an option, we strongly recommend using Microsoft's native Outlook reporting button for your phishing response strategy. This approach offers several significant advantages:
Cross platform consistency: Mobile access is available and experience is seamless across browsers
Stability & Reliability: Microsoft's native button is less vulnerable to policy changes, authentication updates, and mail flow rule modifications by Microsoft that frequently impact third-party plugins. This means fewer disruptions to your security operations and less maintenance overhead.
Simplified User Training: By leveraging Microsoft's default reporting mechanism, your organization benefits from a consistent user experience. Employees need to learn reporting method only once
Our integration with Microsoft's built-in reporting feature provides the same comprehensive security benefits while ensuring long-term stability and simplicity for both your IT team and end users. You can use the Microsoft button integration using this help article.
Table of contents
This documentation guides you through configuring the PhishArm plugin for Outlook 365, providing your organization with enhanced phishing detection capabilities.
Before proceeding with installation, ensure you have administrator access to your Microsoft 365 environment and that your organization's security policies permit third-party integrations. The following steps will walk you through the implementation process to ensure a smooth deployment across your organization.
1 : Downloading the configuration XML from Right-Hand portal
Click on PhishArm --> Settings --> Outlook Plugin
Click on the Download button, it will open the XML file in a new tab. Save the page as an XML file on your device using the 'Save as' option.
2. Steps to Add PhishArm Plug-in into your Company Domain
Login to your domain Admin center
Go to Settings - Click Integrated Apps and Choose Upload Custom apps
Under Deploy New App select Choose how to upload app Upload manifest File(.xml) / URL downloaded from CyberReady Portal ( Refer Step1 )
Please note the URL link will expire in 60 seconds. If the user uses the old link after 1 minute, they will observe the below error.
In such cases, please return to the Right-Hand Platform, refresh the page, and try again using a new XML link.
After uploading this XML file to your Microsoft Add-in Section, Click on the Next button
Under Users option
Set Entire Organization ( so that all employees under this domain will get this plugin in Outlook )
Click Next
Under Deployment click, Next Accept Permission and click on Finish Deployment
After Successful deployment users can click on Done and see the Plugin-in in the Add-ins list
Now all users under the domain can see this PhishArm plugin in their Outlook emails.
Important Note on Deployment Timeline
Please be aware that the removal of the previous application and propagation of the new installation may take time to complete throughout your organisation.
According to Microsoft’s guidelines, the deployment process may take up to 72 hours
3 : Allow delegated permissions for users for the phishArm plugin
Click on the following link to allow delegated permission and you will be redirected to the following link after MS admin login
Click on Accept.
4: Whitelist plugin domains in Firewall/ZeroTrust products
For customers using any firewalls or zerotrust products kindly whitelist the following domain in the perimeter security product/s
5 : Verify Successful Plug-in Installation
Open Your Outlook Inbox and Open any Email
You can now see PhishArm successfully added to Outlook
