September 2023

• We've added system actions for new PhishER users! From the Actions tab in your platform, KnowBe4 now provides several actions to help you manage the messages in your Inbox. These actions can be enabled and used with minimal configuration, allowing you to start reviewing reported emails immediately.

August 2023

• Starting on December 31, 2023, KnowBe4 will no longer support the Second Chance free tool. Second Chance will continue to function through 2024 but will not receive updates and may be unstable. For more information, see our Second Chance Installation and Product Manual.
• We have released PhishER Plus! This new subscription includes the Global Blocklist and Global PhishRIP features. You can use these features to strengthen your organization’s email filters and prevent active phishing attacks by combining crowd-sourced information with existing features in your platform. To learn more, see our PhishER Plus product page.

June 2023

• We've added the Audit Log feature for your PhishER Blocklist! From the Blocklist tab in your platform, you can click the Audit Log subtab to view information about when entries are created, deleted, and synced with mail servers. For more information, see our How to Use the PhishER Blocklist article.

• We've released the new PhishER Blocklist feature! The blocklist synchronizes with your Microsoft 365 mail server to automatically filter malicious and spam emails from your users' inboxes. From the Blocklist tab, you can create and manage a unique list of blocklist entries for your organization. For more information, see our How to Use the PhishER Blocklist article. We’ve also added a Mail Servers tab, which allows you to connect and manage your mail servers. For more information, see our PhishER Settings article.

• We've added the option for reporting email addresses to only receive manually-reported emails. If you enable this option, PhishER will recognize emails with EML attachments as manually-reported emails. You can find the Forwarded Only setting in the Reporting Emails sub-tab of your PhishER Settings. For more information, see our PhishER Settings article.

• We've added the new Resource Center feature to your platform. From the Resource Center, you can view a full list of product guides and release notes, search our Knowledge Base, and create support tickets. For more information, see the Using the Resource Center section of our How to Use the Product Guide Feature article.
• We've released the new product guide feature. Product guides walk you through specific features to help you get the most out of your platform. For more information, see our How to Use the Product Guide Feature article.
• We’ve added global variables to allow you to update multiple rules at once if the rules use the same strings. In the Rules section of your platform, you can create global variables from the Global Variables tab. You can use either the Basic Editor or Advanced Editor to create rules containing global variables. For more information, see our How to Write YARA Rules article and PhishER Product Manual.
• You can now set a password to protect the files and attachments that you download from reported messages in PhishER. To set a password, enable the Password Protect Downloads setting in the Preferences tab of your PhishER Settings.

• In the PhishRIP section of your platform, we've added the option to filter messages by the PhishFLIP status. For general information about PhishRIP, see our PhishRIP article.

• We've released our new Basic Editor feature for rules. This feature guides you through creating a custom rule in PhishER. Rules are logical expressions used to disposition emails forwarded to your PhishER inbox. For more information, see our How Do I Create a Rule and Action in PhishER? article.

• We've updated our PhishRIP feature to support more than one instance of Microsoft 365 and Google Workspace. For more information, see our PhishER Settings article.
• We've improved the User Comments and Email Disposition feature for the Hybrid PAB. Now, this feature adds tags and user discussions to your platform. For more information, see our Adding User Comments and Email Disposition to the Phish Alert Button article.

• We've added the option to send notifications to your users based on your different rooms in PhishER. You can send these notifications to multiple users over a specific timeframe. You can customize notifications to only alert users when a room has more or less than the desired number of emails. For more information, see the Notifications section of our PhishER Settings article. 

• We've updated our YARA Rule version to now support YARA version 4.1.2. For more information, see our How to Write YARA Rules article and YARA's documentation.

• We've released an improvement to our PhishRIP queries.

• We've updated our Custom DKIM feature to now allow you to add your own custom signing domains to your platform. For more information, visit our How to Enable and Customize DKIM Signatures in PhishER article.
• We've released our new PhishER APIs to allow you to evaluate all of the suspicious emails that make it through to your users' inboxes. For more information, see our KnowBe4 API Reference Guide and our KnowBe4 PhishER API article.
• We've released Custom DKIM signatures for PhishER. Admins can now use allowed domains as signing domains for PhishER. For more information, see our PhishER Settings article.
• You can now use PhishFlip without having to have PhishRIP enabled. In order to access the PhishFlip feature, you must have full PhishRIP Security Role access. See our PhishFlip and our PhishER Settings articles for more information.
• You can now retry your failed PhishRIP Queries. You can use the Retry button to run the query again without creating a new query. See our PhishRIP article for more information.

• We've added a new filtering drop-down menu in the Domains and URLs section and the Attachment section of the Message Details. You can use these filters to only view the domains, URLs, or attachments that you're interested in. For more information, see our PhishER Product Manual.

• We've released our new PhishFlip feature. This feature allows you to create KMSAT phishing templates from the user-reported emails that were sent to PhishER. For more information, see our PhishFlip article.

• We've added the option to create webhooks for your platform. Webhooks allow you to provide other applications with real-time information. You will be able to receive a callback based on an Action that is attached to a message. For more information, see our PhishER Settings article.

• We've removed the character limit when you view a raw message in the Message Details.
• We've updated the Message Details section of your Inbox to allow for PhishRIP messages with similar subjects and senders to be grouped by AttackID when clicking the View Queries button. For more information on this new feature, see our PhishRIP article.

• We've added widgets to your Dashboard. You can add and remove different charts to see the information that is important to your organization and to customize your Dashboard. For more information on the new Dashboard features, see our PhishER Product Manual.

• Your PhishER platform now allows you to create Security Roles for the PhishER platform. This allows you to add users from your KnowBe4 Security Awareness platform and grant them Limited or Full access to different areas of PhishER including Rooms, Inbox, Rules, Actions, PhishRIP, and Settings. You also have the ability to create Tag Limitations for the various Security Roles that you create. For more information, please visit our PhishER Settings article.

• Your PhishER platform can now be integrated with KnowBe4 Security Awareness Console. You can now send PhishER Events and Actions to the user timeline and create Smart Groups based on the information that you gather from your users through this integration. For more information, please visit our PhishER Settings article.
• Your VirusTotal integration with your PhishER platform now allows you to include domains that you would like to ignore when completing a VirusTotal scan. For more information, please visit our PhishER Settings article.
• The Reports section of your PhishER platform now offers a new bar graph that shows the most common Attachments, Reporters, Senders, Domains and URLs, and Tags.
• The Rooms section of your PhishER platform now offers the ability to go to a filtered Inbox, Dashboard, or Report based on your Saved Queries or the System Generated filters. 
• Your PhishER platform now allows you to connect the PhishRIP feature with your Google Workspace instance. For more information, please visit our PhishER Settings article.

• When you sign out of your PhishER platform, you will also be signed out of your KnowBe4 console.

• Your PhishER platform now allows for to pick which columns you would like to see included on the Reports page. For more information on this new feature, visit our PhishER Product Manual.
• Your PhishER platform now includes a new Search bar. You can use the Search bar to find a dashboard or executive report for a specific search or campaign. For more information on the new Dashboard features, visit our PhishER Product Manual.
• Your PhishER platform Dashboard now gives you the ability to click on any of the following fields and taken to an automatically filtered inbox: Reported Messages, Automatically Resolved, Manually Resolved, Unresolved, Category, and Priorities. For more information on the new Dashboard features, visit our PhishER Product Manual.
• Your PhishER platform now allows for empty searches to be performed in Rooms as long as there is a particular field specified for the empty search.

• A count for the number of Attachments and Domains and URLs that exist in the message was added to the Preview tab of the Message Details screen.
• Your PhishER platform now includes the ability to customize the Body field in the Find Similar Messages window. You can create a new PhishRIP query by selecting the Body and modifying the text field. For more information on Customized Criteria, visit our PhishRIP documentation.

• Your PhishER platform now includes Customized Criteria. You can create a new PhishRIP query by selecting one of the following fields and modifying the text: Subject, Sender, Recipient, and Attachment. For more information on Customized Criteria, visit our PhishRIP documentation.
• The Actions section of your PhishER platform now offers the option of including Find Similar Messages in your Action. If the Find Similar Messages option is enabled, you can select the criteria that you would like the Action to create a new PhishRIP Query for when the Action is triggered. For more information on how to use the Find Similar Message section when creating an Action, visit our How Do I Create a Rule and Action in PhishER documentation.
• The Actions and Discussion sidebar of the Message Details page now include information on the number of PhishRIP queries that were initiated and the date of the last query that was initiated by the selected message. To learn more about the new information included under the PhishRIP section of the Actions and Discussion sidebar, visit our PhishER Product Manual.

• Your PhishER platform now includes PhishRIP, an email quarantine feature that allows your organization to search for user-reported emails across all of the mailboxes tied to your Microsoft 365 instance. Using PhishRIP, you can prevent active phishing attacks by removing potential email threats from the inbox of your users. Visit here to learn how to enable PhishRIP in your PhishER platform. 

• Your PhishER platform now includes PhishML, a machine-learning module that analyzes all messages forwarded to your PhishER inbox. Visit here to learn how PhishML provides you with information that can make your prioritization process easier, faster, and more accurate.
• A Tags report was added to the Reports section of PhishER. Check out this report to view a list of your most common tags.
• Two columns were added to the PhishER inbox: Current Disposition Date and First Disposition Date.
• The PhishER Email Template Editor now includes a Source code option for HTML customization.  

• Modify your Dashboard view to display a custom date range of data using the PhishER date picker. Visit here for more information.
• New placeholders were added to the Email Template Editor. Check out our Email Template Placeholders table for all of the details.
• The option to enable VirusTotal Automatic Scanning is now available. Click here to learn more about your automatic scanning settings.
• If you select messages in your PhishER inbox, a Run drop-down will now appear. This drop-down presents two sections: Replay and Actions. If you want to run all rules or all rules and actions against selected messages, choose an option from the Replay section. If you want to run an action against selected messages, choose an action from the Actions section. Visit here for more information about this recursive drop-down!
• A Download CSV option was added to the PhishER Inbox and Reports page.
• An Email section was added to the Run drop-down in your PhishER inbox. When a message is selected, this new section allows you the option to send a custom email. For more information about this feature, visit here.

• When creating an action, you can now choose the Delete matching messages option. If this option is selected, all matching messages will be permanently deleted from your PhishER inbox when the action is triggered or run.
• Preview how a YARA rule would affect messages in your PhishER inbox by using the Preview Rule option. Visit here for more information about this feature.
• If your PhishER platform is integrated with VirusTotal, you can now run a VirusTotal scan on attachments and URLs from the Message Details screen.

• An Email Templates section was added to the PhishER Settings page. This setting allows you to attach custom email templates to your PhishER actions.
• Track the history of a message from the Message Details section of your PhishER Inbox. Message history will list all of the events that changed or modified a message.
• A QuickActions bar was added to the PhishER Inbox. Add your most frequently used actions to the QuickActions bar for quick accessibility.
• You can now manage admin and user access to PhishER by enabling or disabling PhishER under an individual's User Profile settings in the KnowBe4 console.

• A Data Retention section was added to the PhishER Settings page for custom configuration.
• Bulk tagging can be done from the PhishER Inbox. This means that multiple tags can be added to multiple selected messages at the same time.
• All tags, attachment names, and email addresses are clickable filters. Clicking on one of these items will display a filtered view of your PhishER inbox.

• Bookmark this page to learn about PhishER updates.