Sophos Phish is a great product, BUT some of the training materials need updating, for example the GDPR one says it will replace old legislation, well, it did, over a year ago

Some updates would be very welcome

It would be nice if there was a way to copy a previous phishing campaign and be able to just modify it slightly instead of having to recreate an entire new one.

Please provide an option to disable the "report threat" feature in Phish Threat for non compatible environment (we use Gmail, users will never be able to report threat via Outlook)

Please include some method for randomizing the delivery time of the phish threat emails. We have done three campaigns using the 'series' option and users have already started talking about how the emails all seem to come at the same time.

Education is heavily G Suite, but Phish Threat is very Microsoft focused. Releasing a reporting add-on for Chrome to include Google G Suite users in the response timeline stats would greatly enhance this product's appeal in the K12 vertical.

Permettre l'accès aux modules de formation pour un administrateur en dehors de la création d'une campagne de sensibilisation. Cela permet de vérifier si le contenu est pertinent et adéquat par rapport aux règles de l'entreprise.

Customers would like to see more regional phish threat campaign contents i.e New Zealand, Banking ANZ, Kiwi Bank, BNZ, NZ Police

Repeat a campaign, and use a campaign as a template, could be quite useful features.

The training module for "Interactive Phishing" does not clearly inform the user when training is complete. After completing the interactive portion and the quiz there is only a small line of quiz complete text and the bottom button loops back to the training. We've had a few users complain about how they couldn't tell when training was actually complete.

Allow users to be added to existing campaigns. Right now if you want to add one user to a campaign you cannot. You have to create a whole new campaign for them. It should be a simple matter to add users.

I can't see the results of the Phishing Threat training quizzes. Only that they completed it.

Phish Threat - Dashboard. The User count used for reporting is bogus if we are not using AD. We need the ability to count the Phish threat user record with the email addresses only.

Provide alternative to the 'Outlook Add-in' for threat reporting. Not everyone has the classic Outlook anymore. Sophos customers should have the the ability to enable threat reporting via simple email forwarding to an address owned by the customer (or sophos if required) and/or add a manual check box by an administrator that demonstrates the item was reported.

Will there be an Outlook mobile phone add-on for Sophos Phish Threat that allows a user to report real or simulated phishing attempts, exactly like they are able to on the desktop? Will it allow a phishing campaign run through Phish Threat to record accurate metrics? Many user now use mobile and not being able to report it gives false readings.

Change the URL for phishing training to a Sophos.com URL. The https://sophos-phish-threat.go-vip.co domain confuses our users, and makes them think the training enrollment email itself is a phishing email.

It would be helpful to be able to customize landing pages on a per campaign basis so that additional information or training can be added.

Please include phishpoint type attacks in training for Phish Threat. Attack that sends a OneDrive file share link to users in order to harvest their credentials.

Hi guys, can we please have a teleworking security awareness module created for Phish Threat. Something that covers
- device theft (don't leave laptop the car etc)
- friends/family using the device when at home
- shoulder surfing when in public places

For Phish Threat, it would be handy if there was a way to manually toggle if staff have reported the email as malicious.
For example some staff may drop by IT in person or phone in to raise this as malicious. But as there is not way to manually toggle this, the report on who is reporting emails is not accurate.