How to enable reporting of phishing emails in Phishing Readiness
search cancel

How to enable reporting of phishing emails in Phishing Readiness


Article ID: 179211


Updated On:


Email Phishing Readiness Email Threat Detection and Response




If your organization supports the practice of reporting suspicious emails to the Help Desk or Security Team, we can leverage that process to create a full feedback loop for your Assessments.


Most organizations use an email Distribution List as a central reporting location for the Help Desk and/or Security team. To enable automated integration of reported phishing emails, simply add the following email address to any existing Distribution Lists that employees have been instructed to report suspicious emails to.

[email protected]

Any phishing assessment emails forwarded to this alias will be logged with an event generated in the "Reported" column of the Assessment Result Details. Any emails forwarded to this alias that did not come from a Symantec Phishing Assessment will be ignored and discarded.

Note that you probably do not want to forward ALL mail that your organization receives to this distribution list. To only forward phishing assessment emails, configure the forwarding rules to forward messages that match this text string:


This tag is contained in all phishing assessment emails sent by the Symantec Phishing Readiness platform. Depending on mail delivery times, it may take 5-10 minutes for Reported events to appear the Assessment Results.