CybSafe offers a Google Workspace App that allows successful reports of CybSafe phishing emails in Gmail to be represented in phishing reports.
The first step is to install the CybSafe Google Workspace app
Installing the CybSafe Google Workspace app
To enable CybSafe to access Google Cloud Platform behaviour-related data, domain wide authority needs to be delegated to Cybsafe’s service account. See Google’s documentation for reference here
Go to Security / Access and data control / API controls → Select Manage Domain wide Delegation, and Add new. Direct link
The client id for our production app is: 112617549266209094482
The following OAuth scopes need adding: <https://www.googleapis.com/auth/admin.reports.audit.readonly>, <https://www.googleapis.com/auth/apps.alerts>
Enter your GCP Admin email and Google Customer ID Account / Account settings Direct Link
Send the Customer ID and Primary Admin Email to firstname.lastname@example.org with the subject “Activate Google Workspace Integration”. CybSafe will then finish the integration in our system.
After this is completed the app will be installed.
Using Report Phishing in Gmail
Once the app has been installed users that successfully report a CybSafe phishing email will have that report come through on our reporting pages.
All a user needs to do is use the native report phishing functionality below:
If the reported email is a CybSafe phishing email it will be reflected in all our phishing reporting pages.