Articles on: Campaigns

How to report suspicious mails

How to report suspicious emails


Reporting suspicious emails is one of the most effective ways to protect your organization. AutoPhish makes it easy for employees to report potential phishing attempts — whether they’re part of an AutoPhish simulation or a real-world email.



Option 1: Forward the email to report@autophish.io (no setup required)


This is the simplest way to enable reporting — it works for everyone and doesn’t require any installation.


How employees report an email

  1. In your email client, open the suspicious email.
  2. Forward the email to: report@autophish.io
  3. (Optional) Add a short note like “Suspicious” or “Looks like phishing”.
  4. Send.


What happens next (AutoPhish simulation emails)

If the email was sent by AutoPhish (a simulation), we automatically match it to:

  • the correct campaign, and
  • the correct company / tenant


This works by checking special tracking headers that AutoPhish embeds into simulation emails.


What happens next (non-AutoPhish emails)

If employees forward emails that were not sent by AutoPhish, we will still try to match the report to the correct company based on multiple signals (for example: recipient domain, routing information, and other technical traits).



Option 2: Use the Outlook add-in (best UX for Microsoft 365)


For organizations that want a faster “one-click” reporting experience inside Outlook, AutoPhish offers an Outlook add-in.


Benefits

  • Easier for employees (no forwarding needed)
  • More consistent reporting workflow
  • Reduced user mistakes when reporting


Availability

  • ✅ Outlook add-in: available
  • 🛠 Add-ins for other email clients: currently in development


To request the Outlook add-in or ask about other platforms, contact: support@autophish.io



Where reported emails show up in AutoPhish


All reported emails that AutoPhish successfully matches to your company and/or campaigns are shown inside the AutoPhish application, where admins can:

  • review what was reported,
  • see whether it was a simulation vs. external email (if determinable), and
  • take follow-up actions based on your internal process.



Tips for employees: when in doubt, report


Encourage employees to report anything that looks off, such as:

  • urgent requests (especially involving money, invoices, gift cards, or credentials)
  • unexpected password resets or MFA prompts
  • “verify your account” / “update payment” messages
  • attachments or links you didn’t expect
  • emails that don’t match the sender’s normal writing style


A false alarm is better than a missed phish.



Need help?


If you have questions about rollouts, reporting workflows, or integrations, reach out to support@autophish.io.


Updated on: 14/02/2026

Was this article helpful?

Share your feedback

Cancel

Thank you!