RansomLeak Reporter turns every Gmail™ message into a one-click phishing report. When a user spots a suspicious email, they click "Report as phishing" in the side panel — the message ID, reporter email, and timestamp are instantly forwarded to your RansomLeak security team for analysis and triage.

WHY INSTALL RANSOMLEAK REPORTER

• Close the loop on user reports. Phishing simulation programs only work if users can actually report what they see. This add-on makes reporting one click instead of remembering an inbox address.
• Feed your awareness training program. Every report flows into RansomLeak's analytics dashboard with report rates per user, team, and campaign — and triggers targeted training for repeat clickers.
• No service-account headaches. Authentication is a single per-tenant API key. No domain-wide delegation, no super-admin OAuth grant, no waiting for IT to configure service accounts.

HOW IT WORKS

1. Your security admin opens RansomLeak → Phishing Simulations → Transports → Google Workspace™ reporter and rotates a fresh API key.
2. Each user opens the add-on, pastes the key, and clicks Save. The key is stored per-user in Google's encrypted user properties.
3. Open any Gmail™ message and click "Report as phishing" in the RansomLeak side panel. The message stays in Gmail™; only the metadata is sent.

PRIVACY AND DATA HANDLING

• Data minimization: only the RFC 5322 Message-ID, reporter email, and timestamp leave Gmail™. Bodies, attachments, and recipient lists are never transmitted.
• Minimum-privilege scopes: the add-on requests gmail.addons.current.message.metadata — it cannot read message bodies even if it wanted to.
• Per-tenant isolation: each customer's API key is bound to their RansomLeak tenant; reports from one customer cannot reach another.
• Rotatable and revocable: rotate or revoke compromised keys from the Transports page — old keys stop working immediately.

ABOUT RANSOMLEAK

RansomLeak is a security awareness training platform that runs phishing simulations, delivers compliance training, and tracks per-user resilience over time. Learn more at https://ransomleak.com.

Gmail™ and Google Workspace™ are trademarks of Google LLC. RansomLeak is an independent product and is not affiliated with, endorsed by, or sponsored by Google LLC.