Outlook Add-In

Overview

The Outlook Add-In enhances user security awareness and actionability by integrating protection features directly into the Outlook application. The add-in supports the following primary use cases:

  • Misdirected Email Prevention

    Identifies and alerts users to potential mistakes when sending emails, such as typos in recipient addresses, lookalike domains, or unauthorized external recipients. See Configuring Misdirected Email Prevention.

    Note - The Misdirected Email Prevention is supported only for Desktop.

  • Report Phishing

    Enables users to report suspicious emails directly from Outlook, contributing to faster threat detection and response. See Reporting Phishing Emails from Outlook.

    Note - The Report Phishing is supported for Desktop and Mobile.

  • Email Security Portal Access

    Allows authorized users to quickly access the Harmony Email Security Portal to manage quarantined emails and submit restore requests directly from their inbox. See Accessing the Email Security Portal from Outlook.

    Note - The Email Security Portal Access is supported for Desktop and Mobile.

00:03: This tutorial demonstrates how to configure the Outlook Add-in with Harmony Email and Collaboration.

00:09: Log in to Infinity Portal and access the Harmony Email and Collaboration Administration Portal.

00:16: From the left navigation panel, select User Interaction then click Misdirected Emails.

00:22: Click Add-In Configuration.

00:25: The "Outlook Add-In Configuration" pop-up appears.

00:28: In the Add-In name field, enter a name for the add-in. This appears as the name of the add-in in the Outlook application. To use the default name of the add-in, click "Default Label".

00:39: In the "Select Outlook version" section, select your Outlook version.

00:44: To enable on-screen warnings before sending an email, when a misdirected recipient is detected select the misdirected. Recipients checkbox.

00:52: To show checkpoint branding in the warning dialogue. Enable the display powered by checkpoint, toggle to allow users to bypass the warning if needed enable the allow and users to ignore warnings to

01:05: To add a "Report Phishing" button to the Outlook ribbon, select the "Report Phishing" checkbox.

01:11: In the "Label Name" field, enter a name for the button. This appears as the name of the button in the Outlook application. To use the default name of the button, click "Default Label".

01:21: To add a button that opens the End User Portal directly from Outlook, select the Email security portal checkbox. It allows users to manage quarantined emails and restore requests without re-authentication. Then click "Save and Download .xml" to download the configuration file. Upload the downloaded xml file to the Microsoft 365 Admin Center to deploy or update the add-in for your users.

01:47: In the "Misdirected Emails" page, you can configure the required misdirected email notifications based on the categories.

01:55: The Outlook Add-In performs real-time checks during user actions such as Send, Reply, Reply All, and Forward. When a potential risk is detected, the system displays an on-screen warning to the user before the email is sent.

02:08: When the maximum number of alerts is reached, the system displays only the highestpriority alerts to users, based on the prioritized list. To configure this setting, select the required number from the "Max alerts shown to end users" dropdown and click "Save Changes".

02:24: Thank You for Watching.

High-Level Procedure

  1. Configuring the Outlook Add-In

  2. Deploying the Outlook Add-In to the Microsoft 365 Admin Center

Configuring the Outlook Add-In

Administrators can configure the Outlook Add-In from the User Interaction settings in the Harmony Email & Collaboration Administrator Portal. These settings allow administrators to enable features, customize labels, and define end-user interaction preferences.

To configure the Outlook Add-In:

  1. Access the Harmony Email & Collaboration Administrator Portal.

  2. From the left navigation panel, go to User Interaction > Misdirected Emails.

  3. In the Misdirected Emails page, click Add-In Configuration.

  4. In the Outlook Add-In Configuration pop-up that appears, configure the following settings.

    1. In the Add-In name field, enter a name for the add-in. This appears as the name of the add-in in the Outlook application. To use the default name of the add-in, click Default Label.

    2. In the Select Outlook version section, select your Outlook version.

      • New Outlook

      • Classic Outlook

        Notes:

        • By default, the New Outlook option is selected.

        • The Outlook Add-In is supported in the following Classic Outlook versions.

          • Mac: 16.104

          • Windows: 2511

    3. Configure the Add-In features section:

      1. To enable on-screen warnings before sending an email when a misdirected recipient is detected, select the Misdirected recipients checkbox.

        Note - The Misdirected recipients checkbox is not available on mobile devices.

        1. To show Check Point branding in the warning dialog, enable the Display ‘Powered by Check Point toggle.

        2. To allow users to bypass the warning if needed, enable the Allow end users to ignore warnings toggle.

          Note - The Display ‘Powered by Check Point and Allow end users to ignore warnings toggles are not available on mobile devices.

      2. To add a Report Phishing button to the Outlook ribbon, select the Report Phishing checkbox.

        • In the Label Name field, enter a name for the button. This appears as the name of the button in the Outlook application. To use the default name of the button, click Default Label.

      3. To add a button that opens the Email Security Portal directly from Outlook, select the Email security portal checkbox. It allows users to manage quarantined emails and restore requests without re-authentication.

        • In the Label Name field, enter a name for the button. This appears as the name of the button in the Outlook application. To use the default name of the button, click Default Label.

      4. Click Save & Download .xml to download the add-in configuration file.

Deploying the Outlook Add-In to the Microsoft 365 Admin Center

After configuring the Outlook Add-In and downloading the .xml configuration file. Upload it to the Microsoft 365 Admin Center to deploy or update the add-in for your users.

For more information, see Deploy Add-Ins in the Microsoft 365 Admin Center.

Notes:

  • Any configuration change requires downloading and re-uploading the updated xml file to the Microsoft 365 Admin Center for the changes to take effect.

  • The Outlook Add-In may appear up to 72 hours after installation.

Configuring Misdirected Email Prevention

The Outlook Add-In performs real-time checks during user actions such as Send, Reply, Reply All, and Forward. When a potential risk is detected, the system displays an on-screen warning to the user before the email is sent.

To configure misdirected email notifications:

  1. Access the Harmony Email & Collaboration Administrator Portal.

  2. From the left navigation panel, go to User Interaction > Misdirected Emails.

  3. Enable the required categories toggle buttons and click Save Changes. See Misdirected Emails Categories.

Misdirected Emails Categories

Category and Name

 Description

Enabled by Default?

Misdirected Recipients

Incorrect Recipient Address

Notifies users when emailing an external contact for the first time.

Yes

Lookalike Domain

 Warns users when the recipient’s domain closely resembles a trusted domain.

Yes

External Contact

 Alerts users when an email address may contain typographical errors.

No

Incoming Email from External Sender

Displays alerts for incoming emails (label/description placeholder shown) from external senders.

No

Fundamentals

Sender Domain Created Recently

 Detects emails whose sender domain was created recently.

No

Reply-to Domain Recently Created

 Detects incoming emails with a reply-to domain that was created recently and differs from the sender domain.

No

Sender Name Differs from Address

Detects emails where the display name significantly differs from the actual email address.

No

Sender SPF Failed

Detects emails that fail Sender Policy Framework (SPF) authentication.

No

Impersonation

Sender Resembles Internal Employee

 Detects emails from a first-time sender whose display name matches an employee within the organization.

No

First-time Sender

Detects emails from senders with whom the recipient has never communicated.

No
Business Email Compromise
Payroll Information Update Request

Detects emails requesting payroll information updates from external senders.

No

Invoice from a New Vendor

Detects invoices received from vendors with no prior communication history.

No

Sender Resembles Contact

Detects email senders that closely resemble, but are not identical to, known contacts.

No

Request to Update Payment Details

Detects vendor requests to change payment details.

No

Financial Transaction Requests

Emails with Invoices / POs

 Detects emails that contain payment requests such as invoices or purchase orders.

No
Payment Request via Payment Service Detects payment requests via third-party services (for example, PayPal or Venmo). No

Avoiding Inspection

Emails with Links to Restricted Resources

Detects emails that contain links to restricted-access resources.

No

Emails Appearing to Be from an E-Sign Service

Detects emails that contain potentially malicious e-signature links.

No

Reporting Phishing Emails from Outlook

If an administrator enables the Report Phishing checkbox in the Outlook Add-In Configuration, the system adds a Report Phishing button to Outlook. It allows users to report suspicious emails directly from their inbox using the Report Phishing button.

Reporting Flow

When the Report Phishing button is clicked, the add-in performs the following actions:

  1. Re-analyzes the reported email in real time using Harmony’s AI-based security engine.

  2. The add-in displays a verdict within seconds:

    • Clean

    • Inconclusive

    • Phishing

  3. It also displays the reasons behind the verdict, providing transparency into the analysis.

Note - All phishing reports are handled according to the Reviewing Phishing Events settings configured in the Harmony Email & Collaboration Administrator Portal.

This functionality streamlines user reporting and enables faster and more accurate threat detection without requiring security expertise from end users.

Accessing the Email Security Portal from Outlook

If an administrator enables the Email security portal checkbox in the Outlook Add-In Configuration, the system adds an Email Security Portal button to Outlook, which provides:

  • Secure access to the Email Security Portal without re-authentication.

  • Real-time badge indicators for:

    • Newly quarantined emails since the last visit.

    • Updates on restore requests.

    Note - This capability uses the same Outlook Add-In deployment and does not require a separate installation.

Configuring the Maximum Alerts shown to the End Users

When the maximum number of alerts is reached, the system displays only the highest priority alerts to users, based on the prioritized list.

To configure the maximum number of alerts shown to end users:

  1. Go to User Interaction > Misdirected Emails.

  2. From the Max alerts shown to end user dropdown in the top-right corner, select the required number alerts to display.

  3. Click Save Changes.