How can I turn off the "Results on the email you reported as Phish" notification?

Question

How can I turn off the "Results on the email you reported as Phish" notification?

Trent Greenough 25

Lately, when users have been reporting phishing emails using the integrated Report Button in Outlook, they have promptly been receiving a message from *** Email address is removed for privacy *** that states the message is clean when in fact the message is malicious causing users to click the link. I am assuming this is because defender has only performed a quick scan and has not finished the deep analysis yet. I really want to turn this notification message off but cannot find anywhere to do so. This is directly causing a security risk. I also don't see the need for a user to get this instant feedback since they are already suspicious of the email. If we could turn this off, worst case scenario would be they report the message but then think it was in fact safe and request it to be released. That way we can look at it before we release it.

Answer accepted by question author

0 additional answers

Your answer

Answer 1

Killian-N 4,655 Microsoft External Staff Moderator

Hi @Trent Greenough,

Thank you for posting your question in the Microsoft Q&A forum.

I understand how receiving an immediate “clean” notification after reporting a phishing email can create confusion and even pose a security risk if users assume the message is safe.

Currently, these notifications are part of the Alert policy feature in Microsoft Defender for Office 365. When a user reports an email using the built-in Report Message or Report Phishing button, the system sends an automated response based on the initial verdict (e.g., no threat found, spam, phishing, or malware). This is designed to provide transparency and user education, but as you noted, it can sometimes lead to unintended behavior if the verdict changes after deeper analysis.

You can disable it, below is how to do it:

Sign in to Microsoft 365 Defender portal.
Choose Email & collaboration > Policies & rules > Alert policy
Search for "Email reported by user as malware or phish" and click on it
You can turn it off by click on the switch button next to "Status"

User's image For reference, you can see: Alert policies in Exchange Online

Please understand that our initial response does not always resolve the issue immediately. However, with your help and more detailed information, we can work together to find a solution.

I hope this information is helpful. Please follow these steps and let me know if it works for you. If not, we can work together to resolve this.

Thank you for your patience and your understanding. If you have any questions, please feel free to reach out.

I'm looking forward to your reply.

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Trent Greenough 25 Reputation points

2025-10-20T14:41:10.4+00:00

Killian,

Thank you for the response! Will this turn the "email reported by user as malware or phishing" alert completely off? Or just turn off the notification to the user?
Killian-N 4,655 Reputation points Microsoft External Staff Moderator

2025-10-20T15:54:16.2166667+00:00

Hi @Trent Greenough,

Thank you for your response.

Regarding to your question, disabling the alert policy will completely stop the alert from being generated, which means neither admins nor users will receive notifications for emails reported as malware or phishing.

Unfortunately, there isn’t a built-in option to only suppress the user-facing notification while keeping the alert active for admins. The toggle in the Microsoft 365 Defender portal controls the entire alert policy, so turning it off removes both the alert and the associated notifications.

Thank you so much for your patience and understanding throughout this process. If you have any questions or need further support, please don’t hesitate to reach out at any time.

As other users will also be looking for information in this community, please click on "Accept Answer" and feel free to vote for this answer. Your valuable vote will definitely help other users with similar questions to find the right channel and useful information more easily.

Thank you for your kind words.

Note: Please follow the steps in our documentation to enable email notifications if you want to receive notifications related to this thread.
Trent Greenough 25 Reputation points

2025-10-20T16:12:17.3833333+00:00

Killian,

Thank you for the quick response and the insight/information. I will use this information to make a decision on how I want to move forward. Thanks again!
Killian-N 4,655 Reputation points Microsoft External Staff Moderator

2025-10-20T19:30:40.19+00:00

Hi @Trent Greenough,

Thank you for your follow-up. I'm glad that my information helps.

Please don't hesitate to reach out again if you need any further assistance. I'm happy to help.

Share via

How can I turn off the "Results on the email you reported as Phish" notification?

0 additional answers

Your answer