Important Note: This guidance is mostly deprecated as CanIPhish can now directly Integrate with the Microsoft Report Phish Button and False Positive Suppression Configurations can be adjusted to exclude activity from Microsoft. If you would still like to disable the Microsoft "Report as Phishing" button, then follow the guidance below.
Should your recipients use the Microsoft 365 report as phishing feature on one of CanIPhish's simulated phishing emails, it can cause a false-positive click to appear in the platform. Naturally, this would be counted as a failure on the recipient's part even though they never clicked the link, so we want to prevent this from happening.
To do this we'll need to disable the junk email and phishing email reporting feature via Exchange PowerShell. The simple steps below will guide you through this process.
Use Exchange Online PowerShell to disable the Microsoft 365 "Report as Phishing" feature
- Open Exchange PowerShell then run the following command to locate the relevant policy:
Get-OwaMailboxPolicy | Format-Table Name,ReportJunkEmailEnabled
- Set the policy to false, as in the example below:
Set-OwaMailboxPolicy -Identity "OwaMailboxPolicy-Default" -ReportJunkEmailEnabled $false - To verify the changes, check a recipient's Outlook on the web account and select the Mark as phishing option from the drop-down menu, as below:
-
Once the feature has been disabled, recipients will still see the option, however, when it is clicked the message will not be reported and the "successful reporting" message will not display.
Should you have any difficulties with allowlisting, please don't hesitate to contact us.
Comments
0 comments
Please sign in to leave a comment.