Skip to content
Submit a Ticket
  • There are no suggestions because the search field is empty.

FAQ - Microsoft Report Button Integration 

Frequently asked questions and answers for the Microsoft Report Button Integration. 

This is integration is free to use and available for all our customers using Microsoft

Find the guide to set up the Microsoft Report Button Integration here

What do we get out of using the integration? 

  • Employees receive a positive confirmation email when they correctly report a Nimblr simulation. This boosts reporting culture, strengthens resilience, and reduces breach impact, without adding complexity or privacy risks.
    It also allows Nimblr to better adapt and improve the training for your users based on their reporting history behaviour.

How do we set up the integration and where can I see it if it works?

  • Nimblr connects to Microsoft Outlook’s built in report button that your employees already have by default in Microsoft, to track phishing reporting behavior with no extra installation necessary. Only requires access to a shared dedicated mailbox with limited permissions to track the user reported submissions. 

Is the integration making it possible for Nimblr to read user mailboxes? 

  • No. Nimblr only gets limited information regarding which user reported a specific Nimblr phishing simulation through the dedicated shared mailbox. 

Does the Report Button work on Outlook mobile & web as well?

  • Yes, it works everywhere in Microsoft. 

Does Nimblr intend to make this report button feature available for Gmail and other email clients? 

  • Right now this is intended only for our customers using Microsoft.
    If you are using another client and wish to see this feature there then please submit your feedback to our support team here.

What data does Nimblr read from the reported phishing simulations?

  • Nimblr checks whether the reported message matches our simulation.
    If yes, it logs the reporting event in the portal and checks the following data. If no, it ignores it.

    • Who received the email

    • Who reported the email

    • When it was reported

    • The subject line

    • Message ID

      We never read:

    • Email body content

    • Attachments

    • Links

    • Images

What if a user reports a real phishing email or a regular business email?

  • If an employee reports a real phishing or business email, Nimblr does not: 

    • Store it

    • Read the content

    • Analyze it

    • Display it

    • Log it in the portal

    • Send the confirmation email to the user


How do we remove the access that Nimblr has to the Microsoft Report Button? 

  • Removing the integration in the Nimblr Portal.

  • Deleting the Nimblr Report Button in Microsoft under App registrations.

  • Removing the shared mailbox.

 If you have any further questions, feedback or requests just reach out to us at:                                                    support@nimblrsecurity.com
                                                                   Or
                                                        Submit a Ticket