Before Using KillPhish, you must deploy it to your Office 365 account. For instructions, see article: Deploying KillPhish
KillPhish, once deployed, will provide helpful tips related to dealing with suspicious emails and provide a risk assessment of potentially harmful emails. Using KillPhish, users can report suspicious emails to the email account of your choice at the click of a button.
KillPhish can be fully whitelabeled, including the name and logo. To configure KillPhish branding, navigate to Administration > Settings > Inbox / Reporting Settings. If the name of the KillPhish add-in is whitelabeled, all instances of 'KillPhish' in the examples below will be replaced with the whitelabeled add-in name.
The KillPhish Widget
Deploying KillPhish will enable the KillPhish widget across all Office platforms. The KillPhish widget is pictured below.
Helpful Tips contains suggestions for dealing with potential harmful emails, including reviewing links before clicking, verifying file types of attachments, and considering the ramifications of following any instructions or actions requested in the email.
All analytics sections will display a score deduction based on the content of the email. Low scores indicate a higher risk based on the message content.
Details lists important properties of the email and their values, including the sender, subject, SPF record pass/fail, attachments, and links contained in the email.
Links/Attachments lists all links and attachments in the email, and their associated URLs and file types.
Words/Phrases assesses certain keywords and phrases typically associated with risky emails, including but not limited to, 'password', 'irs', 'label', and 'invoice'.
Opening the KillPhish Widget
KillPhish is cross-platform compatible. Once deployed, KillPhish will be available in Outlook for desktop, mobile, and web. The method for using Killphish varies from platform to platform.
If an email is brought into focus in the inbox, the Report Phishing button will appear in the Outlook ribbon, pictured below.
Click the button to display the KillPhish widget.
To display the KillPhish widget in the Outlook web app, bring an email into focus, then click the 'More Options' ellipsis located at the top-right corner of the email window.
Once the options menu is displayed, click 'KillPhish' to display the KillPhish widget.
The KillPhish widget is only available for mobile devices from within the Outlook app. To access the options menu, select an email then tap the options ellipses in the top-right corner of the email window.
Once the options menu is displayed, tap the KillPhish icon to open the widget.