Setup Phish Reporter in Google Workspace

The Phish Reporter feature enables Google Workspace users to forward suspicious emails to a designated company mailbox (e.g., phishreport@yourdomain.com). This allows your organisation to monitor reported emails internally and track the reporting of phishing simulations within the Platform.

Configure a Reporting Mailbox Using Google Groups


  1. Create a dedicated reporting mailbox (if not already in place), such as e.g., phishreport@yourdomain.com.
  2. Sign in to the Google Workspace Admin Console and navigate to Groups
  3. Click Create Group and give it a descriptive name, e.g., Phishing Reports
  4. Under Access Settings, tick the External box for Who can post.

*This allows the platform to receive reported phishing emails from your learners.

  1. Scroll down and select Allow members outside your organisation.

  1. Click Save.
  2. Once enabled, add our reporting mailbox report@phish.goldphish.com as a new member.

Once configured, learners can forward suspicious emails to your reporting mailbox (e.g., phishreport@yourdomain.com). These reports will be captured in the Platform, and learners will receive recognition for reporting phishing simulations.

Test Campaign: After configuration, run a phishing simulation campaign to a single test user. Allow 5–10 minutes for reported emails to display in the dashboard.

Gmail Report Phishing Button: Gmail’s built-in Report Phishing button is not supported for reporting simulations. Please instruct learners to forward suspicious emails only.

Sample Communication for Staff


To help employees use the Phish Reporter tool, you can adapt and share this message:

Subject: See Something Phishy? Report It Immediately


Body:


If you receive an email that looks suspicious, forward it to (e.g., phishreport@yourdomain.com).


✅ Forward us as many suspicious emails as you like.

✅ Send us emails that feel suspicious, even if you're not certain they're a scam - we can check.

✅ Report emails even if you think they're a simulated phishing test - you'll get high fives.

⛔ Don't click on any links in a suspicious email.

⛔ Don't open any attachments in a suspicious email.

⛔ You don't need to forward us suspicious emails you find in your spam/junk folder.


By reporting suspicious emails, you help protect yourself, your colleagues, and our organisation from cybercrime. If you have questions about this feature, please reach out to the IT helpdesk.


Thank you for your support.

That's It! You’ve now set up the Phish Reporter feature for Gmail.🚀


If you need a hand, contact our Support Team via email at support@goldphish.com.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us

Related Articles