Where did all the Microsoft / 365 / Office templates go?

Phishthreat PayPal template (We detected unusual activity on your PayPal account) is broken. Shows a gigantic exclamation mark at the start.

Why Sophos Support replying so slowly, we created a ticket 2 weeks before with a high severity, and your support colleague just reply me after more than 4 days, and we were in hurried to figure out how the problem is. However, after a few days your colleague just ask me to give him some basic information and ask me to turn on the remote access again after a week. Well, it's lucky that we could figure out the problem by ourselves but not the Support. Can't believe it takes such a long time to handle a high severity ticket!

I receive an alert that Sophos needs one full disc and access to my computer for an update. Is this you or a hack?

I'm finding that customers who have access to work emails on a mobile phone are more susceptible to clicking on malicious links. This is because it's not as obvious as on a desktop where you can hover over the link. Depending on the phone app, sometimes even the From: address fields are hidden and harder to pick out the email address because it would just read the sender's name. I'd love to see training that can be offered through this service to focus on these areas.

Low quality support. Basically my support ticket was closed without any serious investigation.
Low quality service. Most of the domains used are blocked by SafeBrowsing/SmartScreen -> are useless for training purposes.

We use the VIP impersonation quite a lot, however the problem is that our users display names are in the format "Surname, Firstname", which means that it doesnt catch our users by default. We have to manually create another user in Sophos, and assign both users. It would be great if the VIP impersonation tool could identify the users firstname and surname no matter which way around it is. The whaling emails usually come through firstname + surname.

When a user receives a phishing campaign from phish threat on an iPhone they try to hover over the link by clicking and holding. When they do this though it still classes it as a click and enrolls them in training. I don't know whether this can be corrected or not, but I thought I would report it.

Is it possible to add a comment field for the user so we can add if they called verbally and reported a phish email?

It seems like the percentage of employees that report the email should be based on opening it vice simply being included in the campaign.

The opening percentage is valid and the caught percentage seems appropriate as an overall statistic, but reporting seems like it has to be tied to opening to have any idea how effective the effort to train employees to report suspicious mail.

When we run campaigns, we would like "caught" users to be immediately reported via email to a specific email address in real time so we don't have to continually run the results report. If this could generate the training URL also but instead of sending it to the user, send it to the notification email address, that would allow us to take faster action versus learning about the issue a day or so later.

Hello Team,

Requesting to Extend the archive logs for Sophos Central Log.io for Phish Threat Campaign for 30 days or more as this will be helpful for the customer and for the technical support to perform further investigation for the behavior of campaign that run for 30 days.
For your assistance please. Thank You.

3 Things that the Sophos Phish Threat really needs to address sooner rather than later (That competing products such as InfosecInstitute IQ already have):
1) The ability to save and name custom templates
2) The ability to save an unfinished campaign design for later completion (and the ability to edit during a live campaign for mistakes missed in the initial proofreading)
3) The ability to vary the scope of campaign duration for shorter than a month.

Please allow automated email reports with a screen dump of the campaign email and training. This is a great tool, but needs much more work on reporting.

It would be great to be able to report on how many times the Report Button in Outlook is used per month

I am reporting feedback from our staff about the "Cracked E-mail Extortion" Phishing Threat training. Here is the feedback from our staff : "If you have a chance to give Sophos feedback, this cartoon was gross and made me uncomfortable. Just teaching us how to read the email header would have sufficed – like the first training. Thank you for passing that along to them!"

Skylar Melo
Sophos Technical Support
Assisted me with an issue we had. He took the time to describe the alert, fix the alert, then confirm that the threat was eliminated. Great job.

We would like the possibility to choose the placing of the "Open attachment image" Sophos embeds in the attachment. On some devices the image (when it doesn't open correctly) it takes up half the screen and users ignore the message from the admin below. So we would like to place that image on the bottom.

It would be useful to be able to manually mark an message as reported for a person as we cannot use the outlook plugin but we do have our users reporting spam / phishing through another mechanism.