The Report Message add-in provides the option to report both spam and phishing messages. For more information, see Enable the Report Message add-in. If you want your users to report both spam and phishing messages, deploy the Report Message add-in in your organization. You can install either the Report Message or Report Phishing add-in. Your organization's security team can use this information as an indication that anti-phishing policies might need to be updated. This information surfaces in the Security Dashboard and other reports. For example, suppose that people are reporting many messages using the Report Phishing add-in.
Microsoft uses these submissions to improve the effectiveness of email protection technologies. The Report Message and Report Phishing add-ins for Outlook and Outlook on the web (formerly known as Outlook Web App) enable people to easily report false positives (good email marked as bad) or false negatives (bad email allowed) to Microsoft and its affiliates for analysis. For more information, see Use Admin Submission to submit suspected spam, phish, URLs, and files to Microsoft. If you're an admin in a Microsoft 365 organization with Exchange Online mailboxes, we recommend that you use the Submissions page in the Microsoft 365 Defender portal.