The Outlook Report Message add-in helps users quickly flag suspicious email directly from Outlook.
This guide explains how to use Outlook report message add in features, where to find them, and what happens after you submit a report.
What the Outlook Report Message Add-in Does
The Report Message add-in is a Microsoft-developed tool for reporting email that may be phishing, spam, or malicious.
It integrates with Outlook so you can send a copy of the message to Microsoft or your organization’s security team without leaving your inbox.
Organizations use it to improve threat detection, tune spam filtering, and investigate user-reported messages.
For Microsoft 365 environments, the add-in supports security operations by feeding real-world examples into filtering and analysis workflows.
Where You Can Use It
The add-in is commonly available in these Outlook experiences:
- Outlook for Microsoft 365 on Windows
- Outlook on the web
- Outlook for Mac, depending on tenant configuration
- Some mobile workflows may offer reporting through separate controls rather than the add-in itself
Availability depends on Microsoft 365 licensing, tenant settings, and whether your administrator has enabled the add-in for your organization.
How to Use Outlook Report Message Add-in
Using the add-in is straightforward, but the exact steps vary slightly by Outlook version.
In most cases, the process follows the same pattern.
1. Open the suspicious email
Select the message you want to report.
Review the sender, subject line, links, and any unexpected attachments before taking action.
If the message looks unsafe, avoid clicking links or downloading files.
2. Find the Report Message option
Look for the add-in on the ribbon or in the message toolbar.
In Outlook, it may appear under an Add-ins, Apps, or More Actions menu.
In Outlook on the web, it may be available from the top toolbar or the ellipsis menu.
3. Choose the right report category
Most versions let you select one of several report types.
The most common categories include:
- Phishing
- Junk email or spam
- Not junk
Choose the option that best matches the message.
If the email is pretending to be a trusted brand, requests credentials, or tries to create urgency, phishing is usually the correct choice.
4. Submit the report
After choosing a category, confirm the submission.
The add-in typically sends a copy of the email, including headers and metadata where applicable, to Microsoft and/or your organization’s security platform.
5. Follow your organization’s workflow
Some companies configure the add-in so reported messages also go to an internal mailbox or Microsoft Defender for Office 365.
If prompted, provide a reason or extra context so analysts can investigate more efficiently.
What Happens After You Report a Message?
When you report an email through the add-in, several things may happen behind the scenes.
The message can be used for threat analysis, spam filtering, and tenant-level investigation.
In Microsoft 365 environments, reported messages may help security teams identify campaign patterns, false positives, or active phishing attempts.
Depending on configuration, the reported item may also be moved, marked, or retained for review.
The add-in does not always delete the message automatically, so you should remove it from your inbox if your organization’s policy recommends doing so.
Best Practices for Reporting Email Safely
To get the most value from the feature, report messages carefully and consistently.
Good reporting improves security telemetry and helps reduce false negatives.
- Report suspicious messages as soon as possible.
- Do not forward phishing emails manually if your organization has a reporting tool.
- Use the correct category instead of selecting phishing for every unwanted message.
- Check the full sender address, not just the display name.
- Hover over links to inspect destinations before opening them.
- Report internal messages only if they appear compromised or malicious.
If your organization uses Microsoft Defender for Office 365, user reports may feed into the Submissions workflow, where security teams can review malicious emails, URLs, and attachments more efficiently.
How to Tell If the Add-in Is Installed
If you do not see the Report Message button, it may not be installed or enabled for your account.
Common signs include:
- No report option in the ribbon or toolbar
- Missing add-in in the Apps or More Actions menu
- Organization policy restricting third-party or built-in add-ins
- Outdated Outlook client or unsupported mailbox type
In Microsoft 365, administrators can deploy the add-in centrally through the admin center.
Users may also need to restart Outlook or refresh the browser session before the button appears.
Report Message vs Report Phishing
Microsoft offers closely related reporting tools, and the distinction matters.
Report Message is often used for junk, phishing, and general suspicious mail.
Report Phishing is more focused on security incidents and typically routes reports to security teams or Microsoft for deeper analysis.
If your organization has both options, follow the internal policy or user guidance.
Many companies standardize on one reporting method to keep analysis consistent and reduce duplicate submissions.
Troubleshooting Common Problems
If the add-in does not work as expected, a few common issues are usually responsible.
The button does not appear
Check whether the add-in is enabled in Outlook settings, then confirm with your administrator that it is deployed for your tenant.
In web-based Outlook, try refreshing the page or signing out and back in.
The report fails to send
Network restrictions, mailbox permissions, or temporary service issues can interrupt submission.
Try again after a short delay, and verify that Outlook is connected to Microsoft 365 services.
The email was reported incorrectly
If you sent the wrong category, inform your security team if required.
This can matter when analysts use reported samples to adjust filters or investigate incidents.
Why This Feature Matters for Microsoft 365 Security
User reporting is one of the most effective ways to identify active threats that automated filters may miss.
The Outlook Report Message add-in creates a simple path for employees to participate in email defense without relying on manual screenshots or external forwarding.
For security teams, the reporting data can support incident response, threat hunting, and policy refinement.
For end users, it reduces friction and makes it easier to act on suspicious messages quickly and consistently.
Key Takeaways for Daily Use
- Use the add-in to report suspicious email directly from Outlook.
- Select the most accurate category: phishing, junk, or not junk.
- Check whether your organization routes reports to Microsoft, internal security teams, or both.
- Report early and avoid interacting with unsafe links or attachments.
- Contact your administrator if the add-in is missing or not functioning.
Knowing how to use Outlook report message add in tools correctly helps you respond faster to phishing and improves the overall security posture of your Microsoft 365 environment.