Phish Threat

Suggest, discuss, and vote on new ideas for Sophos Phish Threat. Phishing attack simulation and training for your end users.

Phish Threat

Suggest, discuss, and vote on new ideas for Sophos Phish Threat. Phishing attack simulation and training for your end users.

  1. Anonymization/Pseudonymization of users

    While administrators and managers shall be able see on a per-campaign-basis the percentage of tests which failed and trainings which were begun/finished - they must not see the individual results of each users.
    The users must not be displayed in clear text, only anonymized/pseudonomized.
    Access to this individual information must only be accessible either using 4-eyes-principle authentication for this information or by creating a special administrator role which may see this kind of personally identifiable information.

    51 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Can you please add .co.uk domain for the sender address option please?

    Can you please add .co.uk domain for the sender address option please?

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. How do I view Campaign Settings?

    After a campaign is started, how do I see what the settings were? I don't remember how often reminders will be sent or for how long? I don't want to edit them, I just want to see the original settings once a campaign has been created. How do I do this?

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Change wording for starting a campaign

    When you create a campaign and schedule it for a future date, you must still "start campaign" before this date. However, in the overview of the campaign it lists "Start Date" with your scheduled time. When the time is in the future, the button should read "Schedule Campaign" instead. I missed our predetermined window yesterday because I thought the "Start Campaign" button would actively start the campaign immediately, and that the scheduled date/time would automatically start it as designated. This would certainly clarify use of your product.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Better support for Incomplete Training

    Given our trainings require 100% completion/pass, it would be nice to see the Campaign Dashboard include a bar graph for "Incomplete Training", something i can click on, and see who hasn't completed yet. Further, a "resend training" button would be great, to resend to an individual or to all users who haven't completed training yet.

    Currently i have to go to Export Data to figure this out, cut/paste their email and link from the spreadsheet, and send to them.

    It is also difficult to determine who has completed but not passed. Currently i have to export all results to CSV,…

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. multiple logo upload

    Our organization has 20+ Business units. Please allow for multiple upload of [company logo}.
    Plus we like to add a signature block at the end of our reminders,in it we use a smaller size of our logo, which cannot be done at this time. The key here is to increase the appearance of authenticity of our threats and to add more integrity to our training. This will get more end users actually responding to the requests for training.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Sophos Phish Threat should globally add the Domain list without company manual data entry actions

    Sophos should globally add the Domain list without company manually entering each domain name entry. Sophos should automatically update and push domain list.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Resume Training/Save Progress feature request

    Having the ability to save progress as a user engages in a training campaign with multiple modules would be a welcomed feature. Saving progress, including completed modules, quizzes and scores would be beneficial for most of my users. In the meantime, adding a disclaimer to the "resume training later" link that progress is not saved might help. Thank you.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add ability to modify campaign data during or after a campaign has launched

    PhishThreat (PT) data cannot be modified during or after a campaign goes live. Since PT currently uses an independent user database (not tied to cloud AV - which is tied to Active Directory (AD)) user details can be incorrectly and permanently captured.

    Scenario1: A staff member is listed in a specific department in AD. The user list is exported from AD and imported to PT prior to the launch of a campaign. The campaign begins and the user is promoted/ transferred to a different department or the original department was wrong, the change is made in AD, and the export/…

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Copy Duplicate of Campaign Material

    Duplicate or copy of campaign material.
    Suggesting my Idea to Phish Threat in the future to have retrieval or saved a copy of campaign material before and after the campaign was published and have a compatibility html codes for outlook 2016 email format.
    As of now were just copying html codes to create new campaign and needed to be checked for the exact format and view for outlook 2016 versions.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Archive Users

    I would like to be able to archive users, but keep their data within the system, so I can keep searching and having accurate reports based on who a campaign was sent to, even if the user is no longer active.
    (I guess I am operating under the assumption that when I "replace" a user file, all record of users that are removed goes away with them - is that correct?)

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. attachment campaigns

    Ability to choose at which step users will be automatically enrolled in the training. A user opening the email should already be enrolled so It would be great if we can choose the training enrollment trigger.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Adopt a Pet Campaign Enhancement

    If I use the Adopt a Pet campaign, you should allow the user to see the actual video of the cute puppies after they take the training.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Automated Reporting / Scheduled Reports

    It would be great to have a way to set up automated/scheduled reports to be emailed.
    This feature would allow us to easily provide reports to our management team and compliance officers on a consistent schedule without having to tie up an administrators time pulling reports, exporting them and compiling them into email.

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Resume Training Later

    For the Modules that cannot save progress midway through, can a disclaimer please be added, or the wording changed to make it clear that "Don't have time now? Click Here to receive an email to resume training later" actually means that the user will lose all progress and have to start again from the beginning

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. CrossFit email template

    How about a CrossFit themed e-mail template?

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Phishing Campaign Employee Data

    I see a "search" option within the Employee Data page of a campaign, and it states that I can search by name, department, job title, or email. I typed in a department name which I copied and pasted from the campaign summary page, and it found no results.
    In an ideal world, either this would work, or there would be a department drop-down that would allow me to filter.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. We'd like to assign arbitrary points

    The attack sophistication 1 through 5 is perfect. Now we'd like to be able to assign that 1/2/3/4/5 point value to each campaign we run, and have that metric used for evaluating users. A custom report would be good. If one user clicked two 5 point campaigns, he or she is more dangerous to us than someone that has clicked three 1 point campaigns.
    We are currently keeping track of these points via spreadsheet and would like it integrated to Phish Threat.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. On-the-fly Training Reminders

    I would like to be able to send reminders for an outstanding campaign. The initially scheduled reminders were not completely effective in getting all participants to complete the training (in fact, just over 50% completed training, with 6 reminder emails sent!). I would like to be able to send reminders for all of those who have not completed training, at the push of a button. As I've requested previously, I'd also like to be able to inform managers of status of their employees at the push of a (different) button.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Specify Work Hours

    It would be nice if we could specify our normal business hours under General Settings or for a specific campaign so that emails would only be sent out during that time frame. We're finding that some users are not seeing emails due to sending out at odd hours.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Phish Threat

Categories

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.