Expel incident

Expel Office 365 Phishing button

Minor Resolved View vendor source →

Expel experienced a minor incident on March 17, 2025 affecting Phishing submissions, lasting 13h 57m. The incident has been resolved; the full update timeline is below.

Started
Mar 17, 2025, 12:04 AM UTC
Resolved
Mar 17, 2025, 02:01 PM UTC
Duration
13h 57m
Detected by Pingoru
Mar 17, 2025, 12:04 AM UTC

Affected components

Phishing submissions

Update timeline

  1. investigating Mar 14, 2025, 07:41 PM UTC

    We have identified a problem that is preventing Office 365 users from reporting phishing emails to Expel via Outlook. We will provide an update by 4:30PM EDT.

  2. investigating Mar 14, 2025, 08:32 PM UTC

    We are continuing to investigate this issue and will provide an update by 5:00PM EDT.

  3. investigating Mar 14, 2025, 09:02 PM UTC

    We are continuing to investigate this issue and will provide an update by 5:30PM EDT.

  4. investigating Mar 14, 2025, 09:37 PM UTC

    We are continuing to investigate this issue and will provide an update by 6:30PM EDT.

  5. identified Mar 14, 2025, 10:30 PM UTC

    We have identified a potential root cause and are working on a remediation. The Office 365 Phishing Button continues to be degraded. We will provide another update as soon as possible.

  6. identified Mar 15, 2025, 12:59 PM UTC

    Phishing submissions continue to be degraded for a small number of customers that use the custom Expel Office 365 button. We have identified the root cause and will be rolling out an update as soon as possible. If your button isn’t working, talk directly with your Customer Success Manager (CSM), who will be able to offer you direct & tailored support as we work to resolve this. Alternatively, you can submit phishing emails manually. Visit our Help Center for step-by-step instructions.

  7. identified Mar 17, 2025, 12:04 AM UTC

    Microsoft is rolling out deprecation of legacy Exchange tokens that may prevent your users from being able to report emails using the Expel custom Office 365 Phishing button. Expel is working on development and testing of an updated Expel O365/M365 Phishing button for web and desktop applications that will work with the NAA authentication scheme. Until Expel is able to deploy the newly developed Phishing button, you should follow the instructions from Microsoft (https://learn.microsoft.com/en-us/office/dev/add-ins/outlook/turn-exchange-tokens-on-off) to enable legacy tokens for your tenant. It can take up to 24 hours for this change to take effect. Contact support if you need assistance with this process.

  8. resolved Mar 17, 2025, 02:01 PM UTC

    Microsoft is rolling out deprecation of legacy Exchange tokens that may prevent your users from being able to report emails using the Expel custom Office 365 Phishing button. Expel is working on development and testing of an updated Expel O365/M365 Phishing button for web and desktop applications that will work with the NAA authentication scheme. Until Expel is able to deploy the newly developed Phishing button, you should follow the instructions from Microsoft (https://learn.microsoft.com/en-us/office/dev/add-ins/outlook/turn-exchange-tokens-on-off) to enable legacy tokens for your tenant. It can take up to 24 hours for this change to take effect. Contact support if you need assistance with this process.