Phish Threat

Suggest, discuss, and vote on new ideas for Sophos Phish Threat. Phishing attack simulation and training for your end users.

Phish Threat

Suggest, discuss, and vote on new ideas for Sophos Phish Threat. Phishing attack simulation and training for your end users.

  1. Resend failed campaign emails

    Quite often there are times where there is an email delivery issue for campaigns and the only way to resend these failed/bounced emails would be to re-create a campaign from scratch to the same users. Providing the option to resend a campaign (once per 24 hours etc to avoid abuse) would be helpful for these scenarios.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. save campaign for future

    Currently it's not possible to save a campaign as a draft. ability to draft a campaign in Phish Threat is crucial because if session expires, or you just need to gather more info or... and return to a partially completed campaign, then everything disappears and you need to start from scratch.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  3. Phish Threat actions should show in audit log

    Currently Phish threat actions (creation,deletion, modification) do not show in the audit logs on the Central Dashboard. This would be an important feature for accounting purposes.

    There would be no way to track/audit unwanted creations/deletions campaigns which is an important security feature.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Edit Attachments or Use Custom Attachments

    Like many other solutions it would be nice to be able to edit every facet of the campaigns in order to tailor them to our businesses. This would include the ability to customize the attachments sent in attachment campaigns.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  5. General settings in Phish Threat V2 missing options

    In Phish V1 there were several "General Settings" which gave options such as these features should make it over to V2 as they are important settings required:


    • Email Sending

    • Training Reminders

    • Grading Options

    • Notify employee's manager on failed phishing attacks

    • Responses to Phishing Email

    • Language options

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  6. Automatically enroll users in a default campaign

    In Phish V1 they had the ability to enroll newly added users to a default campaign. This feature was not carried over to V2.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Ability test email flow

    Test the email flow to a specific user in phishing campaign within the campaign. Need to ensure the email is getting through the intended network's email filter. At the moment, we need to create a test campaign every time we test this.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  8. Report for what training courses users have taken

    Need a report to show which training courses each user has taken so we can know what to assign for future campaigns.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Cleaning Up The Links For Phish Threat Training

    We're reaching out regarding an issue with the Phish Threat product. The training campaigns work just fine except that the link within the enrollment email shows a URL that looks illegitimate to end users. We deployed it to one of our clients and they thought that the training was a phishing spam. The same issue occurred when looking at the URL on the Training landing page. Is there a way that can be cleaned up so that the URL's for the Phish Threat product don't look like the very spam we're training users to avoid?

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. I would love to be able to report on user's scores during a training campaign.

    Currently, it is my understanding that I have to wait until a training campaign is finished before I can get a report of the user's scores. I'd like a report that shows that information while the campaign is in progress. This would make it possible to get ahead of the curve with users who are having a problem "getting" the concepts.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Creating Groups Dynamically

    I would like the ability to create groups from within the tool, so that I can add people to groups based on how they respond to phish. For example, if someone gets under 100%, they are added to "ongoing training group a", and if they get under 60%, they are added to "ongoing training group b". The tool does not let me automate to that level, and I am not seeing a way to do it easily without adding users one-at-a-time to a new campaign.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  12. No Attack Previews available after campaign starts for a series

    we are running a series with multiple campaign. If i look at a "future" campaign on the dashboard, i can see a preview of the "attacks". However, once the campaign starts, the previews disappear and that section of screen is blank. Would it be possible to leave the previews there or include hyperlinks to those attack templates used in the campaign.

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Hyperlink to "attack" or better way to preview attack template.

    When viewing campaign results (even when exporting to excel), it would be nice to include a hyperlink to the attack template that was sent to a specific user so management can sit with a user and look at the email together. The results might say something like template "W2 Tax Correction" or "Google COVID-19 WFH Tools and Tips" but that doesn't really let the us know what the email looks like. The only way I know to see what the template looks like is to create a new "dummy" campaign, choose a category, search for the template name (praying it…

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Viewing results of more than one campaign at a time (by date range or series?)

    I am currently running reports of campaign results and letting management know which users failed and which have not taken training. We are currently running a series with weekly campaigns. I need to view / sort / report from multiple campaigns for the management reports I am generating. I currently have to go to week 1 campaign results, and export them. Then I go to week 2 campaign results, export them, cut/paste and add results to week 1, then on to week 3, etc. Once in excel, i can sort, pivot table, filter, etc. but getting the results exported is…

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Enabling Other Options for Users to Report an Email in Phish Threat

    I realize there is an option for users to report an email without opening it within Phish Threat if they have the Outlook add-in, but can we add other options for users to report emails? Not all customers will want an Outlook add-in added to their profiles. Can we offer an option for administrators to mark an email as reported within Sophos Central when the client contacts us to report a phishing attempt? This would allow for much more accurate reporting as many of our clients will report an email directly when they see something suspicious. Thanks!

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Training reminder options

    Is there any way we could accomplish sending our users reminder e-mails to take training, if they click a link during a Sophos phishing campaign, but have it not be a daily reminder e-mail - say, just one or two reminders? An option for how many reminders and how often those reminders get sent out.

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Report Message Button

    Provide a list of all Reported Emails from Sophos Central and add the function to take Action from the portal. Actions would be block domain or email address from within the Message and see who else received the email. Make it as simple for our Admins to manage the entire suite from the portal.

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  18. The pre-requisites for Office 365 ATP configuration need to be easily seen by Central administrators.

    Neither the help pages or Central admin have any links or make any mention of the pre-requisites for Office 365.
    These need to be easily seen by Central administrators - the help pages are unhelpful and entirely lacking in information. A simple reference to the KB URL: https://sophos.com/kb/131747 would solve this and prevent unhappy administrators.

    TO QUOTE from the existing help pages : https://docs.sophos.com/central/Customer/help/en-us/central/Customer/concepts/PhishThreatSettings.html
    Sending domains and IPs

    Here you can see the domains and IP addresses used for sending campaign email from Phish Threat.
    Note You must allow mail and web traffic to and from these IPs and domains…

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Phish Threat Quiz Visibility

    We had numerous complaints from users that they completed training but kept receiving email reminders. In reality, they did not noticed the "Quiz" button and assumed that was it.

    Would be nice to have some kind of highly visible pop up after video is over to tell users that there is also a quiz to follow.

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Use Sophos DNS names for click tracking

    Currently, it is required to whitelist all off Amazon tracking (*.awstrack.me) globally. This presents a potential privacy and security issue as it is so broad.

    Amazon allows for and documents how to use alias records so that customers see your DNS names and not Amazon's. It is easier to whitelist all of Sophos than it is to whitelist all of Amazon. As a security company, correcting these perceived issues should be paramount.

    See the link to Amazon's documentation for details.

    https://docs.aws.amazon.com/ses/latest/DeveloperGuide/configure-custom-open-click-domains.html

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Phish Threat

Categories

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.