Best Practices

Share

Is this article helpful?

Last updated:

Help Your "Clickers" or Vulnerable Employees

We recommend that you train all your users with our security awareness training modules. These modules will provide your users with the information and skills they need to stay safe from phishing attacks.

However, you may have some "Clickers," or users that fail your phishing tests more frequently. In this article, you will learn about the steps you can take to help these users improve and help keep your organization safe from security threats.

Create a Remedial Training Campaign

In your KnowBe4 account, you can create a remedial training campaign to train users who frequently fail phishing tests. By enrolling your Clickers in remedial training, you can help improve their security awareness knowledge and prevent them from failing phishing tests in the future.

Tip: If you are a Platinum or Diamond customer, you can use our Smart Groups feature to create an automated remedial training campaign. For more information, see our Automation with Smart Groups: Remedial Training article.

Make Phishing and Training a Friendly Competition

In addition to assigning remedial training, we also recommend that you use friendly competition to motivate your Clickers. Friendly competition helps make training interactive and engaging so that your users will be more motivated to stay safe online.

There are many ways that you can make phishing and training more competitive. For example, some organizations use gift cards, team outings, and other incentives to reward users who have the least amount of phishing failures. You can also set up leaderboards and badges for your users to see in their Learner Experience (LX) to compete with other users in your organization.

For more information about the LX, see our Learner Experience Guide. To learn more about leaderboards, badges, and gamification, see the articles and videos listed below:

Warn Users of Disciplinary Action

If your users click a legitimate phishing link, they could put your organization at risk of cyberattacks. It's important for your users to report simulated phishing tests as it shows that they can correctly identify red flags that are often seen in real security threats.

Your organization can set a limit for the number of failures users can have before disciplinary action is taken. Additionally, you can send users warnings when they fail phishing tests to remind them of the importance of these phishing tests.

You can also consider limiting your Clickers’ access to certain applications or websites and increasing their security configurations.

Was this article helpful?

14 out of 14 found this helpful

Can't find what you're looking for?

Contact Support