Review the customer questionnaire.

Step 1: Add Expel email communications to your allow list

Establish trust by adding inbound and outbound emails to your allow list.

  • Outbound: custom forwarding email (provided by Expel): <companyidentifier>@expel-phishing.io.

  • Inbound: acknowledgement and outcome response emails from Expel: soc@expel.io.

Step 2: Forward phishing submissions

Expel includes phishing submission buttons for Microsoft 365 and Google Workspace for forwarding phishing emails.

Tip

If the above button can't be deployed, you can forward your phishing inbox submissions to Expel with original phishing email as an EML attachment to the custom forwarding email destination provided by Expel.

Send a test email submission to Expel using your customer forwarding email provided by Expel. Indicate in that email “This is a test for the Expel Managed Phishing service.”