Cloudflare Docs
Cloud Email Security (formerly Area 1)
Cloudflare Docs
Cloud Email Security (formerly Area 1)
Edit this page
Report an issue with this page
Log into the Cloudflare dashboard
Set theme to dark (⇧+D)
  1. Products
  2. Cloud Email Security (formerly Area 1)
  3. ...
  4. Phish submissions
  5. PhishNet for Office 365

PhishNet for Office 365

PhishNet is an add-in button that helps users to submit directly to Cloud Email Security (formerly Area 1) phish samples missed by Cloud Email Security’s detection. PhishNet avoids the previous process, where users had to report phish to their email admins, which then had to manually download and forward the sample to Cloud Email Security.

​​ Prerequisites

To set up PhishNet with Office 365, you will need:

  • An Cloud Email Security account with admin access.
  • Admin access to Microsoft.com.

​​ Set up PhishNet for Office 365

  1. Log in to admin.microsoft.com with your admin account.

  2. Select the three-line button to open the menu.

  3. Go to Settings > Integrated Apps.

    Select Integrated apps from the menu

  4. Select Upload custom apps.

    Select upload custom apps

  5. On a new browser tab, log in to Cloud Email Security (formerly Area 1) with an admin account.

  6. Select Settings (gear icon).

    Select settings (the gear icon)

  7. Go to Email Configuration > Phish Submissions > PhishNet O365.

    The PhishNet settings will let you copy the appropriate URL to install it on Office 365

  8. Select Copy to copy the URL. This URL will let you install PhishNet in Office 365.

  9. Go back to the Microsoft admin browser tab.

  10. From Upload Apps to deploy, select Provide link to manifest file, and paste the URL you copied from your Cloud Email Security dashboard.

    Paste the URL you have copied from Cloud Email Security.

  11. Select Validate. Wait for a success message to appear below the input. Then, select Next.

  12. Under Assign users, select Entire Organization, and then select Next.

    Paste the URL you have copied from Cloud Email Security.

  13. In App Permissions and Capabilities, make sure PhishNet has the correct permissions: Outlook: ReadWriteMailbox, SendReceiveData. Then, select Next.

    Make sure PhishNet has the correct permissions.

  14. In the next screen, make sure that in Assigned Users you have Entire organization. Then, select Finish Deployment.

  15. Once deployment is complete, you should see a message confirming it. Note that it can take up to six hours for PhishNet to appear in Office 365 (or six hours to update if previously installed.) Select Done.

    PhishNet might take up to six hours to appear in Office 365.

You have now installed PhishNet for Office 365. After the process is complete, PhishNet will show up on the Integrated Apps screen.

Search for PhishNet in the Integrated Apps screen.

​​ Submit phish with PhishNet

  1. Open the message you would like to flag as either spam or phish.

  2. Select the PhishNet logo in the task pane, near the other action buttons - such as reply and forward.

  1. Under Select Submission Type, select the type of your submission - Spam or Phish.

    Choose the type of submission you would like to make

  2. Select Submit Report.

Once the email has been successfully submitted to Cloudflare Cloud Email Security for review, PhishNet will show you a Submission Complete message.