When some one receives an email after clicking on a phishing email we send the AttachScreenShot is so small they can't read it at all.

Is there a way to make this bigger. Users have no idea what email link they actually clicked on that was the phishing.

Currently, depending on the campaign type, the user fails the campaign when they do the action the campaign is testing. It would be nice to be able to manually fail users in a campaign. For example, if I ran a credentials harvesting campaign and a user clicks the link but doesn't enter their credentials. The system wont mark them as fail. However, in our opinion that is a failure. I would like to be able to manually mark the user as failed the campaign.

Currently, the only way to see the current state of a campaign (i.e. who click, who opened, etc.) is to login to the portal. It would be nice if there where an option to configure for the system to send an email. For example, an email could be sent to a specific address when a user in a campaign opens a phishing email.

Right now all the emails are sent alphabetically by first name.

Need to be able to create a campaign that sends, in a time phase, multiple emails to the same user list. This would be configured today as multiple campaigns. If I knew I was going to have 3 attacks over time at the same user list, today I would create 3 campaigns. I'm requesting multiple attack <-> training pairs in the same campaign.

Please add Support for German to make this usable for our Region.

I would like the ability to add a group of users to a new campaign from the campaign results screen.

The idea would be to look at the employee data from one campaign and take all of the users that failed and add them to another campaign in one fell swoop. That way we can target users that failed with another campaign soon after.

More options for Attacks would be nice to make it easier to quickly make more campaigns. For example, the current templates are all centered around Visa, but some organizations use Master Card, so the Visa templates have to be heavily modified. Other examples are "female friend request" but my organization is 80% female and it would be nice to have an option to have a "male friend request" to send without having to repurpose an existing template and find a good image to use.

Connect Phish threat users to Sophos Central users synced from AD.

Just like we have for Central but for Phish Threat: http://centralstatus.sophos.com

Perhaps Phish Threat needs it's own page or it can be included into the existing one for Central. It would be good to show customers any issues with email flow, log in issues etc. This would help to deflect cases as well in the event of an outage which would cause many customers to call in.

It would be neat if we could tell PT to send managers a summary of any active campaigns (e.g. once per week) so they know who of their employees is enrolled, and whether they have passed/failed the campaign or quiz.

Currently, Phish Threat will notify a manager if their employee fails a phishing attack. It would be nice if it could also inform a manager if their employee has passed the attack. Absent giving all managers access to the Sophos Cloud console, they have no way of ensuring their employees have taken and passed mandatory training. If this is to be delegated to them to ensure it happens, giving us an option to give them visibility if an employee passes OR fails the campaign or quiz would be valuable.

It would be good, that we could see the date and time of the Failed Trainings of enrolled users, also his score and what answers he choosed...
As it is now, when one choose list of users who had Failed the Training, bbut also retake that training again, you won´t see the date of Failed Training. For the system, it is Completed no matter what and it won´t show in statistics.

When identifying staff from the campaign's employee data page we'd like to be able to export that information as CSV to better identify, and address various scenarios, for instance those users who have "opened" an attack email (see: https://ideas.sophos.com/forums/593590-phish-threat/suggestions/19574035-os-browser-email-client-should-be-available-for) for more detail.

Allowing an export of this information will enhance our ability to identify staff and provide proper guidance.

It would be good that we could change, rewrite the "template" of the page after the user has failed the final quiz.

at 1) the customer would be able to customize the message sent to users, add specific informations or add additional contact within the organisation for help or anything else

at2) when the user fails the final quiz, 0% score is not simply a good score :)

Here is an idea for positive reinforcement for phishthreat.
If a user doesn’t fall victim to a phishing training have a “positive” email sent to them indicating that they successfully passed the training.
Obviously there would have to be time period allocated after the email was sent to determine if they do or do not click.

The Training Campaign editor does not offer the same level as customisation as the Attack Campaigns. The customer needs to customise the look as the corporate standard.

The email comming from the Phish Threat platform has Basic Times New Roman font and gray background, content in white. I would suggest white background and Arial font or something simply.