Reported Phishing Emails
To present all phishing reported emails from end users using the Automatic Ingestion of End User Reports, reports must be configured to be sent to Microsoft and to an internal phishing reporting mailbox.
If your Microsoft 365 account is configured to send reported emails to an internal mailbox, Avanan monitors that internal mailbox for phishing reports, and the configuration does not change.
If your Microsoft 365 account is not configured to send emails to an internal mailbox, the system creates a shared mailbox with report-phishing-checkpoint@<your domain> email address and configures it to receive these reports.
Note:
The system creates only a shared mailbox and it does not consume a Microsoft license from your account.