+1 (877) 634-6847
Customer Support
PhishingBox
Request Demo Sign Up 14-Day Free TrialNo Credit Card Required.
Inbox Threat Reporting

KillPhishTM

Scan suspicious emails, report threats fast, and reinforce safer inbox behavior across desktop and mobile.

KillPhish gives users a clear way to flag real or simulated threats in Outlook and supported environments while security teams gain better reporting signal, clearer explanations, and more useful coaching opportunities.

Scan Review suspicious emails with clearer explanations about links, sender cues, and risk signals.
Report Route suspicious messages from Microsoft and Google environments back to security teams faster.
Coach Connect inbox behavior to live coaching, newer risk scoring, and better follow-up actions.
View Features Request Demo
Microsoft Outlook logo
KillPhish email scanning and reporting demonstration
Scanning Email Check risk signals

Explain links, sender cues, and technical indicators in plain language before users trust the message.

Reporting Emails Escalate suspicious emails

Send suspicious messages to security quickly so intent and next actions can be reviewed faster.

Security Coaching Turn inbox moments into training

Reinforce safer behavior with guidance that connects what happened to the next best response.

Scanning & Reporting

Give users a faster way to handle suspicious emails

KillPhish helps Microsoft 365 users scan suspicious emails across Outlook desktop, web, and mobile while giving Microsoft and Google users a fast way to report suspicious messages to the security team. Each inbox decision becomes a teachable moment that can feed your broader Human Risk Management program, especially when paired with AI-assisted explanations and follow-up guidance.

01

Scan known threat indicators

Review suspicious messages against domains, IPs, SPF records, keywords, and other signals that help explain why an email deserves a closer look.

02

Report real or simulated phish quickly

Let users flag threats from the inbox so the security team can respond faster and reported phishing simulations can still feed reporting metrics and follow-up workflows.

03

Reinforce what safe behavior looks like

Use live inbox guidance to help users understand what they missed and connect that behavior back to training, remediation, and follow-up reporting.

Outlook Add-In
KillPhish reporting interface and scan workflow
Live inbox guidance Help users understand why a message looks risky before that decision becomes a bigger problem.
Go to FAQs Common KillPhish questions
Human Risk Management

Use individual risk scoring for the fuller picture

Human Risk Management gives every employee a dynamic risk score based on simulation performance, training engagement, real-world behavior, and inbox activity. KillPhish reporting becomes one signal inside that broader view, so teams can prioritize coaching with more context than a single legacy metric provides.

Simulation performance Training engagement Real-world behavior Inbox reporting
Legacy metric note: Net Reporter Score is still available inside KillPhish reporting for teams that want it, but Risk Score is the more complete model.
See Human Risk Management
Human Risk Management workflow
Integrations

AI and inbox platform support that makes risky emails easier to understand

Bring AI-assisted analysis into the broader PhishingBox platform so users and admins can understand why a message looks risky in plain language, infer likely intent, and support the next behavioral action while keeping KillPhish aligned with Microsoft 365 and Google Workspace workflows.

OpenAI

AI Assistance

Use OpenAI with PhishingBox to translate technical email signals into plain-language explanations, summarize suspicious intent, and support recommended follow-up actions.

AI Analysis Automation
View Integration

Anthropic

AI Assistance

Use Anthropic inside PhishingBox to help explain why a message looks risky, interpret likely intent, and give users clearer coaching inside their workflow.

AI Reporting Workflows
View Integration

Google Gemini

AI Assistance

Bring Google Gemini into PhishingBox for AI-assisted analysis that can identify suspicious patterns, infer intent, and suggest behavioral next steps.

AI Content Workflows
View Integration

Microsoft

Inbox Platform

Support scanning and reporting workflows inside Microsoft 365 with Outlook desktop, web, and mobile coverage.

Mail Outlook Microsoft 365
View Integration

Google Workspace

Inbox Platform

Give Google Workspace users a fast reporting path so suspicious emails can reach the security team without slowing people down.

Mail Workspace Reporting
View Integration
Browse All Integrations
Platform Features

KillPhish Features

Give users a faster way to scan and report suspicious emails while security teams connect inbox behavior to reporting metrics, coaching, and AI-assisted follow-up workflows.

Powered by AI

Use OpenAI, Gemini, or Anthropic APIs to translate suspicious email signals into clearer explanations, summaries, and follow-up guidance.

Easy to Deploy

Roll out the reporting button across Google and Microsoft environments, with inbox scanning available for Microsoft users.

Live Inbox Training

Turn real email reviews into teachable moments and tie that behavior back to broader human risk management efforts.

Extend the Endpoint

Push endpoint protection further by helping users distinguish legitimate messages from real threats right in the inbox.

Multiple Sources

Pull together IPs, domains, email addresses, keywords, and other indicators from multiple threat sources.

Net Reporter Score

Use a simple, understandable metric to measure how consistently users identify and report suspicious messages.
FAQ

Questions Teams Ask About KillPhish

Review how KillPhish works across devices, how reporting behavior affects phishing simulation metrics, and how inbox scoring and coaching are managed.

What email environments does KillPhish support?

KillPhish supports Microsoft 365 mailboxes across Outlook desktop, Outlook on the web, and Outlook mobile. It also supports reporting workflows for Google Workspace so suspicious messages can still be routed to the security team.

Can I customize what users see after they report an email?

Yes. You can customize the confirmation message shown after a successful report so it matches your workflow and helps reinforce the right next step for users.

What happens when a phishing simulation is reported through KillPhish?

When a PhishingBox simulation is reported through KillPhish, the reported action is logged on that phishing test report. As part of that workflow, the Net Reporter Score or NRS can also be updated.

How does KillPhish determine whether an email looks suspicious?

KillPhish reviews multiple indicators such as domains, IP addresses, SPF records, sender cues, keywords, and other threat signals. Those inputs help explain why a message deserves a closer look instead of relying on guesswork alone.

Can admins disable email scoring in KillPhish?

Yes. Email scoring can be turned off in KillPhish if your team wants the reporting workflow without the scoring layer.

What is live inbox training in KillPhish?

Live inbox training gives users immediate context about why a message looks risky. That turns each review into a teachable moment and helps reinforce safer inbox decisions over time.

What happens after a user reports an email with KillPhish?

When a user reports an email, KillPhish helps route that message for review. If you are leveraging Security Inbox, the reported email can flow into Security Inbox to be managed, analyzed, and worked by the security team.

Does KillPhish require Security Inbox to work?

No. KillPhish can still help users report suspicious emails without Security Inbox. If you also leverage Security Inbox, reported messages can be centralized there for deeper analysis and management by the security team.

Can KillPhish help explain suspicious emails in plain language?

Yes. KillPhish can support AI-assisted explanations that translate technical email signals into clearer, easier-to-understand guidance. Learn more on the Powered by AI page.

Does KillPhish work for both real phishing emails and phishing simulations?

Yes. KillPhish can support both real-world suspicious email reporting and phishing simulation reporting. Reported simulations can still feed reporting metrics and help update Net Reporter Score workflows.

How does KillPhish connect to Human Risk Management?

KillPhish reporting becomes one signal inside broader Human Risk Management, alongside simulation performance, training engagement, and real-world behavior. That gives teams more context for coaching, remediation, and follow-up actions.

Can KillPhish reinforce safer behavior after a user reviews or reports a message?

Yes. KillPhish can reinforce safer behavior by showing users why a message looks risky and helping connect that inbox decision to coaching, remediation, and better follow-up actions.