Phish Threat
Suggest, discuss, and vote on new ideas for Sophos Phish Threat. Phishing attack simulation and training for your end users.
-
Thai Language content
If possible I request Thai language content both Phishing and Training campaign
2 votes -
Ability to manually add "reported" phishing email by user
Ability to manually add "reported" phishing email by user
18 votesThis functionality is planned for release during Q4 of this year (2020).
-
Cleaning Up The Links For Phish Threat Training
We're reaching out regarding an issue with the Phish Threat product. The training campaigns work just fine except that the link within the enrollment email shows a URL that looks illegitimate to end users. We deployed it to one of our clients and they thought that the training was a phishing spam. The same issue occurred when looking at the URL on the Training landing page. Is there a way that can be cleaned up so that the URL's for the Phish Threat product don't look like the very spam we're training users to avoid?
6 votes -
Order of training videos
Hello. It would be really cool if we could arrange the order of training in the Sophos Phish Threat application. We are using that for out annual security training and would like to present 4 training videos to our users in a particular order. Thanks!
3 votes -
Remove users from in-progress campaigns
We should be able to remove users from running campaigns as our training campaigns could run for weeks and people can leave the organisation during the campaign.
15 votes -
Export and Import the customized attack template between tenants
As SaaS Provider of Phish Threat, they would like to share the same customized attack mail template between multiple tenants. Therefore, export/import feature is necessary for avoiding customizing per each tenant.
7 votes -
Be able to add custom valid domains
In the fishing campaigns we are limited to the domains you guys offer, most are not even close to my employers name or tools we use.
most of our users are well educated on security, so I like to step it up and sent phishing campaigns more elaborated with domains I can add myself, like any other fishing tool.
thanks3 votes -
Emailed certificate once training is complete
In V1 there was a certificate of completion emailed to each user, once the training had been completed, will that come in V2 as well? It would be good for tracking purposes within our organization.
13 votes -
Ability to add user infomation to caught landing in Phish Threat V2
The ability to add user information, such as First Name, Last Name and email address on the Caught Landing page will add a personal touch when user were caught.
Adding the company logo was a nice touch, but adding user info would be great. This function was already enabled on the phish email, shouldn't be hard to implement.
3 votes -
Allow Use of Domains that are registered with Email Protection Module
If I have a domain protected by Central Email Protection, I should be able to use that domain to send emails with Phish Threat. Of course I wouldn't want to use a domain that my users would be receiving mail at, but a lot of organizations will have multiple domains registered and might want to use an alternate domain that they own for sending Phish Threat mails.
4 votes -
Add a preconfigured report that lists users by their phish threat index
Add a preconfigured report that lists users by their phish threat index. This would help identify users who have consistently had problems in campaigns or with training but are not necessarily repeat offenders. This would be especially helpful if my other suggestion regarding allowing admins to tag users who have fallen for real-world phishing exploits and have that included in their phish threat index.
2 votes -
Add real phishing fails of a user to scoring equation
This is similar to another idea that's been suggested for manually failing a user in a campaign, but I'd like to log a fail that occurs when a user fall for a real phishing exploit. I think this should be reflected in their score to really make it comprehensive.
3 votes -
Allow admins to change the name of the organization
Currently (apparently) the only people who can change the Organization Name in Phish Threat is the Partner (vendor). That make no sense to me. If I as an admin don't know what our Org name should look like, who does?
3 votes -
Rename or update an existing campain
It would be helpful to have the ability to edit an exisitng campain so that you can rename it, maybe add more users etc.
13 votes -
Add new language dutch
Add new language dutch
2 votesDutch language support is planned to arrive this November.
Thanks,
Scott -
Include training campaign stats in Pregenerated Reports
When running a pregenerated report in Phish Threat and selecting the "Failed" or "Incomplete" training options, you see only training stats associated with an Attack campaign. I would like to see all training stats regardless of whether they are from an Attack campaign or a Training campaign.
3 votes -
Phish Threat Admin Role needed
To access Phish Threat, a user has to be granted Admin role. I would like more granual control over roles and permissions, so i can give the ownership of Phish Threat to someone without giving them access to everything else - Encryption, Endpoint Protection, Email Gateway, etc.
13 votes -
Change behavior of lists in Phish Threat to remain filtered after a selection
When adding users to a campaign, it is horribly inconvenient to select one user on the third page of users and then immediately have the list return to the first page again. The same thing happens when you search for a group but only want to select two people from the group. It immediately goes back to the full list. My suggestion is to have the list remain in the filtered state or on the same page that it was in before I selected an individual. I can more easily return to the full list than I can get back…
5 votes -
domain
Add ability to add domains.
For example if I registered sophsos.com, I would like to be able to add it to my Phish Threat account and use it for a campaign.
14 votes -
Add to reports - to view users not started training
The data is available in the report if I download the report, but it would be nice to see that info in PhishThreat interface alongside other diagrams , and if it can be emailed to the admin as well, would be great. - eg. scheduled reports with preset parameters emailed weekly\monthly for each campaign separately. Need to be able to send reminders to people not started training through PhishThreat where email would be coming from admin, not just generic PhishThreat.
5 votes
- Don't see your idea?