Phish Threat

Suggest, discuss, and vote on new ideas for Sophos Phish Threat. Phishing attack simulation and training for your end users.

Phish Threat

Suggest, discuss, and vote on new ideas for Sophos Phish Threat. Phishing attack simulation and training for your end users.

  1. Phish Threat actions should show in audit log

    Currently Phish threat actions (creation,deletion, modification) do not show in the audit logs on the Central Dashboard. This would be an important feature for accounting purposes.

    There would be no way to track/audit unwanted creations/deletions campaigns which is an important security feature.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Edit Attachments or Use Custom Attachments

    Like many other solutions it would be nice to be able to edit every facet of the campaigns in order to tailor them to our businesses. This would include the ability to customize the attachments sent in attachment campaigns.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  3. General settings in Phish Threat V2 missing options

    In Phish V1 there were several "General Settings" which gave options such as these features should make it over to V2 as they are important settings required:


    • Email Sending

    • Training Reminders

    • Grading Options

    • Notify employee's manager on failed phishing attacks

    • Responses to Phishing Email

    • Language options

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  4. Automatically enroll users in a default campaign

    In Phish V1 they had the ability to enroll newly added users to a default campaign. This feature was not carried over to V2.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Ability test email flow

    Test the email flow to a specific user in phishing campaign within the campaign. Need to ensure the email is getting through the intended network's email filter. At the moment, we need to create a test campaign every time we test this.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  6. Report for what training courses users have taken

    Need a report to show which training courses each user has taken so we can know what to assign for future campaigns.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. I would love to be able to report on user's scores during a training campaign.

    Currently, it is my understanding that I have to wait until a training campaign is finished before I can get a report of the user's scores. I'd like a report that shows that information while the campaign is in progress. This would make it possible to get ahead of the curve with users who are having a problem "getting" the concepts.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Creating Groups Dynamically

    I would like the ability to create groups from within the tool, so that I can add people to groups based on how they respond to phish. For example, if someone gets under 100%, they are added to "ongoing training group a", and if they get under 60%, they are added to "ongoing training group b". The tool does not let me automate to that level, and I am not seeing a way to do it easily without adding users one-at-a-time to a new campaign.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Training reminder options

    Is there any way we could accomplish sending our users reminder e-mails to take training, if they click a link during a Sophos phishing campaign, but have it not be a daily reminder e-mail - say, just one or two reminders? An option for how many reminders and how often those reminders get sent out.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. save campaign for future

    Currently it's not possible to save a campaign as a draft. ability to draft a campaign in Phish Threat is crucial because if session expires, or you just need to gather more info or... and return to a partially completed campaign, then everything disappears and you need to start from scratch.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  11. The pre-requisites for Office 365 ATP configuration need to be easily seen by Central administrators.

    Neither the help pages or Central admin have any links or make any mention of the pre-requisites for Office 365.
    These need to be easily seen by Central administrators - the help pages are unhelpful and entirely lacking in information. A simple reference to the KB URL: https://sophos.com/kb/131747 would solve this and prevent unhappy administrators.

    TO QUOTE from the existing help pages : https://docs.sophos.com/central/Customer/help/en-us/central/Customer/concepts/PhishThreatSettings.html
    Sending domains and IPs

    Here you can see the domains and IP addresses used for sending campaign email from Phish Threat.
    Note You must allow mail and web traffic to and from these IPs and domains…

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Phish Threat Quiz Visibility

    We had numerous complaints from users that they completed training but kept receiving email reminders. In reality, they did not noticed the "Quiz" button and assumed that was it.

    Would be nice to have some kind of highly visible pop up after video is over to tell users that there is also a quiz to follow.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Users Name Format Support

    Allow support for users with naming convention of 'Last Name, First Name' in campaigns.

    Currently {FirstName} variable resolves to the users 'Last Name,'

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Campaign Overview Dropdown Filter should have "Not Completed"

    All other options are in the drop down filter. "Not Completed" which is the most important for managing open campaigns is not available in the Campaign quick view.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Cleaning Up The Links For Phish Threat Training

    We're reaching out regarding an issue with the Phish Threat product. The training campaigns work just fine except that the link within the enrollment email shows a URL that looks illegitimate to end users. We deployed it to one of our clients and they thought that the training was a phishing spam. The same issue occurred when looking at the URL on the Training landing page. Is there a way that can be cleaned up so that the URL's for the Phish Threat product don't look like the very spam we're training users to avoid?

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Change behavior of lists in Phish Threat to remain filtered after a selection

    When adding users to a campaign, it is horribly inconvenient to select one user on the third page of users and then immediately have the list return to the first page again. The same thing happens when you search for a group but only want to select two people from the group. It immediately goes back to the full list. My suggestion is to have the list remain in the filtered state or on the same page that it was in before I selected an individual. I can more easily return to the full list than I can get back…

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Add to reports - to view users not started training

    The data is available in the report if I download the report, but it would be nice to see that info in PhishThreat interface alongside other diagrams , and if it can be emailed to the admin as well, would be great. - eg. scheduled reports with preset parameters emailed weekly\monthly for each campaign separately. Need to be able to send reminders to people not started training through PhishThreat where email would be coming from admin, not just generic PhishThreat.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. How do I view Campaign Settings?

    After a campaign is started, how do I see what the settings were? I don't remember how often reminders will be sent or for how long? I don't want to edit them, I just want to see the original settings once a campaign has been created. How do I do this?

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Resume Training Later

    For the Modules that cannot save progress midway through, can a disclaimer please be added, or the wording changed to make it clear that "Don't have time now? Click Here to receive an email to resume training later" actually means that the user will lose all progress and have to start again from the beginning

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Email Report for Campaign Status

    Currently, the only way to see the current state of a campaign (i.e. who click, who opened, etc.) is to login to the portal. It would be nice if there where an option to configure for the system to send an email. For example, an email could be sent to a specific address when a user in a campaign opens a phishing email.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Planned  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Phish Threat

Categories

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.