How to Report Phishing Emails?



Option 1 - Manual Forwarding:


If your organisation already has a mailbox for reporting suspicious emails (e.g., phishreport@yourdomain.com), Learners can manually forward suspected phishing emails there. Configure this mailbox to automatically forward those emails to report@phish.goldphish.com. Our platform will then mark the email as “reported” by the Learner.

Google Workspace Users: For guidance on forwarding phishing emails manually (as native integration isn’t currently supported), please see our Google Workspace guide.

Option 2 - Microsoft Report Button:


If your organisation uses Microsoft 365, you can enable the built-in Report Phishing button. Learners simply click this button to report suspicious emails directly from their inbox.

For step-by-step setup instructions, visit our Microsoft Report Button guide.

Test: After setup, we recommend running a phishing campaign with a small group of Learners to test the reporting functionality. Please allow up to 5–10 minutes for reported emails to appear in the app dashboard.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us