Prevent False Positives from Microsoft Report Phishing Add-In

Updated by Jacob Flinders

Microsofts Report Phishing add-in is capable of generating false positives when it comes to 3rd party phishing simulations. This is due to the add-in scanning the URL's within emails to scan for potential bad actors.

To circumvent this, our allowlisting documentation for M365 is designed in such a way as to provide the best deliverability, and to bypass Microsofts scans, which result in these false positives.

More information on this can be found here: Configure the advanced delivery policy for third-party phishing simulations and email delivery to SecOps mailboxes | Microsoft Learn

If you wish to implement or re-inspect our M365 allowlisting documentation, please follow our Allowlisting guide here: M365 Allow Listing - HelpDocs

After implementing our allowlisting, the use of Microsofts phish report button should no longer effect any content sent to you by Boxphish.

In some cases, this can still occur for environments that use 3rd party mail filtering. If this is the case, please click the link below to look through or list of our different 3rd party mail filtering guides.

Email Gateways - HelpDocs

If your email gateway is not shown in the list of documentation linked above, please email our technical team ( who will be happy to help you with this further.

How did we do?