Hopefully, you are aware that Microsoft 365 provides users the ability to report a suspected email. I have spoken about this here:
Improved security is a shared responsibility
What you may not be aware of is that these submissions can viewed and action in the Microsoft Security Center:
https://security.microsoft.com
under the Submissions menu option as shown above.
You may also not be aware that there are further actions you can take in here:
You can provide feedback directly to the user about their submission using the Mark as an notify option as shown above.
Doing so will send the user an email, like that shown above, to provide feedback about that submission for the user. Doing provides important reinforcement of users remaining vigilant as well as helping them better identify threats.
You’ll also find actions you can take on that message that will provide feedback directly to Microsoft, as shown above.
Even better, if you go into Policies & rules | Threat Policies | User submissions you are able to customise what is sent to the user, both before and after reporting as shown above.
For more information on these capabilities visit:
Admin review for reported messages
Getting users involved in security is important. Part of that is providing them feedback and recognition of their contribution, no matter how small. Using these capabilities for reported messages, you are able to do that quickly and easily.