Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
KillPhish is a Microsoft 365 Office/Outlook Add-In provided by PhishingBox. Based on the captured content, its core positioning is not as a standalone gateway or email filtering product, but as a phishing email reporting add-in for Microsoft 365 users. Administrators can download the KillPhish manifest file from the Reporting Settings page in the PhishingBox Portal and deploy it through the Microsoft 365 admin center.
In terms of protection type, KillPhish is more of a security operations entry point for “user reporting of suspicious emails.” It is suitable for use alongside phishing simulations, email security analysis, or internal response workflows. The deployment process is fairly straightforward: administrators log in to Microsoft 365, go to Settings > Integrated apps, upload the custom app manifest, select the deployment targets, and accept the permissions required by KillPhish. The access scope can be set to Everyone, Specific Users/Groups, or Only me, making it convenient to run a small pilot before rolling it out more broadly. One point to note is that Outlook add-ins may take up to 24 hours to appear in users’ ribbons.
Its integration capabilities are mainly reflected in the Microsoft 365/Outlook add-in ecosystem, relying on the Microsoft 365 admin center for centralized distribution and permission consent. The available content does not explain what happens after a report is submitted, such as alerts, quarantine, automated analysis, SIEM/SOAR integration, audit logs, or management reporting. It also does not mention compliance certifications such as SOC 2, ISO 27001, or GDPR. Therefore, if an organization has strict requirements for auditing and closed-loop incident response, it should further confirm the Portal backend capabilities with the vendor.
The captured content does not disclose pricing, plans, payment methods, or whether KillPhish is included in a PhishingBox subscription. Its advantages are a standardized deployment path, close alignment with Microsoft 365 workflows, and flexible rollout by user or group. The downsides are that the public information focuses mainly on installation instructions, making it hard to assess detection accuracy, response capabilities, and service support quality, and that add-in activation may be delayed by up to 24 hours.
KillPhish is suitable for small, midsize, and large organizations already using Microsoft 365 that want employees to report suspicious emails conveniently. It is especially relevant for security awareness training and phishing simulation scenarios. The captured content provides no information about access from China, so actual connectivity to Microsoft 365 and the PhishingBox Portal, as well as payment and contract arrangements, should be tested and confirmed separately. Comparable alternatives include Microsoft Defender for Office 365, Cofense Reporter, and KnowBe4 Phish Alert Button.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on killphish.com official site.
killphish.com is an United States Security provider. TG4G tracks its product information, an overall rating of 6.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach killphish.com directly.