PhishNotify Installation

The PhishNotify plugin is a powerful tool to help keep your organization safe from malicious emails. The plugin allows users to seamlessly report suspicious emails to your system administrators.

You can find the installation media and license key for the PhishNotify plugin, in your SecurityIQ account settings.

System Requirements

  • Windows 7 or newer with Outlook 32 bit, 64 bit or Outlook 365, Gmail (accessed  through the Chrome web browser)
  • .NET version 4.5.2 or newer
  • Open Port 443 TCP (SSL/HTTPS)  work stations so the plugin can communicate with our servers
  • Administrative rights to install software on the workstation

Plugin Behavior

It’s a good Idea to configure the plugin before installation. The following settings are found in your SecurityIQ setting under “Messages and Behavior”.

  1. Upload Email Contents: Enabling this will send the email to our servers for inspection by your team.
  2. Upload Email Attachments: Enabling this will send related attachments to your SecurityIQ Quarantine.
  3. Email Actions: After a user reports an email automatically mark as spam, move to trash or do nothing.
  4. Message When Learner: Change the messages a user receives after reporting an email.
  5. Quarantine Notifications: Select how often you want email notification about quarantined emails. You can select the who receives the emails by clicking the Change Recipients button.
  6. See how this  feature works with PhishNotify+ Defender for more visit:
    http://resources.infosecinstitute.com/securityiq-awareed-and-phishsim-users-manual-pt-3-learners-groups/#defender

Accessing the PhishNotify plugin and Licence Key

  1. Click on the gear icon to access your SecurityIQ Account Settings page.
  2. Take note of your license key and download the plugin you wish to install. 

Registry Edits for Outlook Plugin

In certain situations, Outlook may disable the PhishNotify plugin. Making the below windows registry edits can prevent Outlook from doing this.

For more about editing Windows registry keys visit: https://support.microsoft.com/en-us/help/136393/how-to-modify-the-windows-registry


[HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\15.0\Outlook\Resiliency\AddinList]

“SecurityIQPhishNotify” = “1”


[HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\Resiliency\AddinList]

“SecurityIQPhishNotify” = “1”


Basic Installation for Outlook

  1. Run the installer:
  2. Enter your License Key:
  3. Restart Outlook and check the ribbon for the PhishNotify plugin: 

Command Line Installation Outlook

Run the following as administrator.

The plugin can be installed using the msiexec.exe installer. This in combination with Group Policy will help with a company-wide deployment.

msiexec /quiet /i PhishNotify.msi LICENSE_CODE=aaaa-aaaaa-aaaaa-aaaa

 

Uninstall

The plugin can be uninstalled using the original installation media or the msiexec.exe installer.

msiexec /x PhishNotify.msi

 

Group Policy installation

  1. Start by deploying to one workstation within your organization.
  2. Create a shared folder on your server (read-only for Domain Computers), for example, C:\deploy shared to \\server\deploy
  3. Copy PhishNotify.msi into this directory
  4. Make sure the domain computers have access to the shared folder
  5. Create a batch file called phishnotify.bat in the shared folder with the following 3 lines of code:
    copy \\server\deploy\PhishNotify.msi C:\
    msiexec /quiet /i C:\PhishNotify.msi LICENSE_CODE=aaaa-aaaaa-aaaaa-aaaa
    del C:\PhishNotify.msi
  1. Open the Group Policy Management Console, create a new GPO under Computer Configuration > Startup Script.
  2. Click the Add button.
  3. Place the full path to the phishNotify.bat in the script name field.
  4.  E.g. \\server\deploy\phishNotify.bat
    • Click OK, and close Group Policy Management Console.
  5. Refresh group policy on the client by running gpupdate /force  from the command prompt.
  6. Verify the installation by opening Outlook and finding the PhishNotify plugin in the ribbon.

Group Policy Uninstall

To uninstall follow the same process of creating a GPO. Change your batch file for removal.

msiexec /quiet /x C:\PhishNotify.msi LICENSE_CODE=aaaa-aaaaa-aaaaa-aaaa

 

Office 365 Installation

  1. Extract the plugin to the directory of your choice.
  2. Follow the official Microsoft documentation found here: https://support.office.com/en-us/article/Deploy-Office-add-ins-in-the-Office-365-admin-center-737e8c86-be63-44d7-bf02-492fa7cd9c3f

Google Chrome Basic Installation

This plugin is designed to work Chrome while using the Gmail web interface.

  1. In your SecurityIQ Account Settings page click Install via Google App Store.
  2. Next, click add the Add To Chrome button.
  3. Nex, Click Add Extension.
  4. Next, enter your license key and click Check License.
  5. You should now see the PhishNotify plugin in the upper right-hand side of your Chrome window.
  6. In the Chrome Browser navigate to the Gmail account that you wish to use the plugin with. Select an email to view. The PhishNotify icon should now be red. Click the icon. Then click Authorize with Gmail. Finally, allow the plugin access so that emails can be reported. The PhishNotify plugin is now ready to use.

Installing the PhishNotify Plugin Through the Google Dashboard

The following instructions will allow you to use the Google dashboard to install the PhishNotify plugin across your organization’s Google Domain. The plugin is designed to work with Chrome while accessing Gmail.

Step 1: Publishing the app

  1. Download the PhishNotify Gmail Plugin from your SecurityIQ Accounts Setting page.
  2. Sign into the Chrome Web Store to publish the plugin. https://chrome.google.com/webstore/developer/dashboard
  3. Click on the Add new item button and browse to select the PhishNotify.zip file.
  4. Once the upload completes, scroll down and select the category and language for the plugin.
  5. Select Private and Everyone at (your domain), then click Publish changes. This process can take up to 60 minutes before the plugin is ready.

Step 2: Force-install the app

  1. Sign into your Google Admin console
  2. From the Admin console dashboard, click on Device management > Chrome management > User settings
  3. Select the appropriate organization.
  4. Scroll down to Force-installed Apps and Extensions and click Manage force-installed apps.
  5. Select Domain Apps, click Add, then click Save.
  6. Finally, at the bottom of the Admin Console, click Save.