I don't understand why the outlook plugin for Sophos Phish Threat suddenly doesn't support Exchange 2013

The Phishing system Landing Page and email templates could do with a little more work.
Enrollment emails can be customised and seem okay. the reminder emails can be customised but changes are applied across all the reminders sent from all campaigns. As the users are more likely to see multiple reminders than the initial emails it should be possible to customise the reminder for each campaign.

There is little to show which template is being used by which campaign or what the outcome of making a change to the reminder template on one would be across multiple campaigns.

I have found that Phish Threat gets its {FirstName} and {LastName} by parsing the "displayname" attribute. This cannot be a normal process as there are already fields for "firstname" and "lastname". This causes us issues when we send out notices as our display names are "LastName, FirstName" to properly display/search in Outlook.

This seems like it would be an easy fix. We are running the AD import, so that has to be capturing the correct fields.

Thanks,

Report the training score of the user. It's nice to know they completed training and passed, but I'd like to see the percentage score.

Hola,

Acabamos de de lanzar una campaña de Phish Threat de Sophos. La cuestión es que cuando se entra en la formación de phishing da un "Page not found" al visitar:

https://staysafe.sophos.com/lesson/phishing-interactive_es/

Gracias de antemano,
Un saludo

i would like an option to be able to mark a user as taking the training manually in Phish threat campaigns. That way if we have a big group we can do a training class together and mark them a completed. This way the reports will be accurate.

I just learned that the feature to see Phish Threat (V2) statistics from the End User's record is not available. This is incredibly lame. Why would you role out a product with less functionality than the previous version? I understand that you are building V2 from scratch, but being able to see user stats would seem to be a very important feature.

I like the new Sophos Phish Threat, however, our company does not use Exchange or Office365 for our MTA and therefore I cannot use the Phish Threat Outlook add-in for the new 'reported' features.

We currently use Outlook with an on-premise Kerio Connect server protected by a virtual Sophos Email Appliance. We do use your original Sophos Outlook Add-in (v 1.3.6). Will you be enabling this add-in to work in conjuction with Sophos Phish Threat reporting instead of just reporting to Sophos?

Thanks,
Scott McMillan
mcmillan@beatties.com

Phish Threat subscribers should be able to send phishing emails from custom domains owned by the customer, which closely emulate and attempt to impersonate the actual customer domain.

When using PhishThreat, if a user clicks on a phishing link, or submits credentials into a credential harvesting page, the user should be given immediate feedback about what they did and the red flags that they should have noticed in the phishing email (i.e. From and reply-to mismatch, sense of urgency, spoofed URL, etc.). The auto-enrollment to a generalized training module does not provide specific guidance regarding the actual attack that they fell victim to.

I would like to see the capability for the Phish Threat to watch a mailbox for people to forward on phishing emails. Only a small percentage of the people have outlook.

While creating a campaign, I would like to be able to save the campaign as I go to avoid losing progress if I'm pulled away from my desk.

I would really appreciate having the Communication component retained or added back into Phish Threat V2. I used it every other week in V1 and will miss it greatly. It allowed me a quick and easy way to create security newsletters to the same group of users who were involved in our phishing campaigns. Thanks for listening.

Inside Phish Threat, we would like to see the ability to sort available users that we are adding to a campaign by: whether the user is a Active Directory User vs. Sophos-Managed User.

There was a great feature in the US version that allows any new users to automatically receive a training/phishing test email. This is great as it sets the tone of our security from day one, however this feature does not appear in the UK datacenter version.

I would like to be able to choose multiple training courses when setting up a training campaign. I understand this is a feature which can be enabled.
Thank you

Make it so we can manually send training reminders.