Phish Alert Button (PAB): How to Use It to Report Phishing Emails

Overview

OIT Security is launching a new tool to help protect UAH from phishing campaigns.

On Dec. 1, 2025 OIT Security will deploy a new Gmail feature to UAH staff called the Phish Alert Button (PAB). This button will provide you a quick and safe way to report suspicious emails for automated review and remediation.

Click a link below to jump to a section.

What is the Phish Alert Button?

The PAB allows you to easily report a potential phishing email via Gmail.

Clicking the PAB will forward the suspicious email to our OIT Security department for review and remediation. It will also provide reporting metrics and, if deemed dangerous, automatically remove the suspected email from the user's inbox to prevent future exposure. Reported emails that are found to be legitimate will be restored to the user’s inbox.

You should report all suspected phishing emails using the PAB. You can still utilize the previous method of reporting phishing emails by clicking the 3 dots and selecting “Report Phishing”, but the PAB is easier to use and recommended as the first option for reporting. The PAB should NOT be used to report spam

How do I use the Phish Alert Button?

The PAB is available in the Gmail web inbox and mobile app.

Phish Alert Button in Gmail

  1. Open Gmail.
  2. Click on the suspicious email you would like to report.
  3. Locate the Phish Alert Button on the right-hand side of the email.
    Gmail web inbox. The Phish Alert Button appears as an orange fishing hook in the right-hand side panel
  4. Click the Phish Alert Button.
  5. A pop-up displays asking you to confirm that you want to report the email message as a phish. Click Phish Alert.
    Phish Alert slide-out panel. It contains the subject of the email, the sender's email address, and a button labelled "phish alert"
  6. You will receive confirmation that the email was reported.
  7. The message will automatically be removed from your inbox for analysis.

Phish Alert Button in Gmail Mobile App (iOS & Android)

  1. Open the Gmail Mobile app.
  2. Click on the suspicious email message you would like to report. ​
  3. Scroll to the bottom of the screen and locate the Available Add-ons section. From the Add-ons section, click the phish hook icon and scroll down to the bottom of the screen to access the PAB.
    Email in the Gmail mobile app. At the bottom of the screen, the text "Available Add-ons:" is shown along with the Phish Alert Button icon, which is a fishing hook
  4. To report the email, click the blue Report This Suspicious Email button.
    Phish Alert panel appears at the bottom of the email viewing pane. It contains the subject of the email, the sender's email address, and a button labelled "report this suspicious email"
  5. You will see a confirmation message like the one shown below.
    In the Phish Alert pane, the message "Email was reported" appears
  6. The suspicious email will be removed from your inbox for analysis.

FAQ

Why is there a new button to report phishing emails?

The Phish Alert Button (PAB) is a safe and easy way to report suspicious emails. Gmail’s reports and metrics are not easily accessible and do not integrate with our automated processes. The PAB replaces the previous process of forwarding suspicious emails directly to Google and will result in much faster removal of phishing emails from inboxes.

Should you continue using the original reporting buttons?

No, all users should report suspicious emails using the PAB. This way you are reporting directly to our Security team for analysis and remediation and so we can pull reports/metrics from Knowbe4.

Will reporting an email as a phish using the new button act as a means of blocking future communications that look similar?

The button will forward the email to our OIT security mailbox for review. When the suspicious emails are reviewed, our blocklist will be updated and the system will be better trained to block similar messages in the future.

Will we remove the native phishing reporting button in Gmail?

The Gmail native reporting button cannot be removed. 

What is the difference between spam emails and phishing emails?

Spam emails are unsolicited nuisances such as a bulk email, invitation to a conference you've never heard of or congratulations on winning a contest you've never entered.  Phishing, however, is a malicious attack designed to trick you into giving away sensitive information like your password or clicking on a link in the email.  Phishing emails often attempt to create a sense of urgency or fear that "your account has been suspended" or "your financial information has changed."  For more information, see the related KB article Phishing or Spam:  What's the Difference?

Should I use the Phish Alert Button to report spam?

No.  The PAB should be used to report phishing emails.  Spam should be reported using the native Google spam reporting mechanism of clicking the 3 dots in the top right corner of the email and click "Report spam".  If there is any doubt about whether a particular email is spam or phishing, please report it using the PAB for evaluation.

Still Need Help?

If you have additional questions about this topic, please contact the OIT Help Desk

Print Article