Low quality support. Basically my support ticket was closed without any serious investigation.
Low quality service. Most of the domains used are blocked by SafeBrowsing/SmartScreen -> are useless for training purposes.

We use the VIP impersonation quite a lot, however the problem is that our users display names are in the format "Surname, Firstname", which means that it doesnt catch our users by default. We have to manually create another user in Sophos, and assign both users. It would be great if the VIP impersonation tool could identify the users firstname and surname no matter which way around it is. The whaling emails usually come through firstname + surname.

When a user receives a phishing campaign from phish threat on an iPhone they try to hover over the link by clicking and holding. When they do this though it still classes it as a click and enrolls them in training. I don't know whether this can be corrected or not, but I thought I would report it.

Is it possible to add a comment field for the user so we can add if they called verbally and reported a phish email?

It seems like the percentage of employees that report the email should be based on opening it vice simply being included in the campaign.

The opening percentage is valid and the caught percentage seems appropriate as an overall statistic, but reporting seems like it has to be tied to opening to have any idea how effective the effort to train employees to report suspicious mail.

When we run campaigns, we would like "caught" users to be immediately reported via email to a specific email address in real time so we don't have to continually run the results report. If this could generate the training URL also but instead of sending it to the user, send it to the notification email address, that would allow us to take faster action versus learning about the issue a day or so later.

Hello Team,

Requesting to Extend the archive logs for Sophos Central Log.io for Phish Threat Campaign for 30 days or more as this will be helpful for the customer and for the technical support to perform further investigation for the behavior of campaign that run for 30 days.
For your assistance please. Thank You.

3 Things that the Sophos Phish Threat really needs to address sooner rather than later (That competing products such as InfosecInstitute IQ already have):
1) The ability to save and name custom templates
2) The ability to save an unfinished campaign design for later completion (and the ability to edit during a live campaign for mistakes missed in the initial proofreading)
3) The ability to vary the scope of campaign duration for shorter than a month.

Please allow automated email reports with a screen dump of the campaign email and training. This is a great tool, but needs much more work on reporting.

It would be great to be able to report on how many times the Report Button in Outlook is used per month

I am reporting feedback from our staff about the "Cracked E-mail Extortion" Phishing Threat training. Here is the feedback from our staff : "If you have a chance to give Sophos feedback, this cartoon was gross and made me uncomfortable. Just teaching us how to read the email header would have sufficed – like the first training. Thank you for passing that along to them!"

Skylar Melo
Sophos Technical Support
Assisted me with an issue we had. He took the time to describe the alert, fix the alert, then confirm that the threat was eliminated. Great job.

We would like the possibility to choose the placing of the "Open attachment image" Sophos embeds in the attachment. On some devices the image (when it doesn't open correctly) it takes up half the screen and users ignore the message from the admin below. So we would like to place that image on the bottom.

It would be useful to be able to manually mark an message as reported for a person as we cannot use the outlook plugin but we do have our users reporting spam / phishing through another mechanism.

Does the Audit Log have entries for Phish Threat?
I added a Campaign and saw nothing in the Audit Logs.
Thank you,
Patrick Moubarak
patrick.moubarak@sophos.com

I used the LinkedIn invitation to connect recently on my users. I would like to see a second LinkedIn template to mirror the followup email that LinkedIn sends if you don't connect with that person right away. That way, if they ignored the first one, they might see the second one and think it is legit.

Sophos Phish is a great product, BUT some of the training materials need updating, for example the GDPR one says it will replace old legislation, well, it did, over a year ago

Some updates would be very welcome

It would be nice if there was a way to copy a previous phishing campaign and be able to just modify it slightly instead of having to recreate an entire new one.