PhishER Change Log – Knowledge Base

Below is a list of our new feature releases and updates for KnowBe4's PhishER platform.

The latest list of updates will be displayed at the top of the page.

2022 Changes
2021 Changes
2020 Changes
2019 Changes
2018 Changes

Release Date	Description
April 2022	We have released our new Basic Editor feature for rules! This feature guides you through creating a custom rule in PhishER. Rules are logical expressions used to disposition emails forwarded to your PhishER inbox. For more information on this new features, visit our How Do I Create a Rule and Action in PhishER? article.
February 2022	PhishRIP now supports more than one instance in Microsoft 365 and Google Workspace. For more information, see our PhishER Settings article. The User Comments and Email Disposition feature from the Hybrid Phish Alert Button now adds tags and user discussions to your PhishER platform. For more information, see our Adding User Comments and Email Disposition to the Phish Alert Button article.
January 2022	You can now send notifications to users based on your different rooms in PhishER. You can send these notifications to multiple users over a specific timeframe. You can customize notifications to only alert users when a room has more or less than the desired number of emails. For more information, see the Notifications section of our PhishER Settings article.

Release Date	Description
October 2021	We updated our YARA Rule version to now support YARA version 4.1.2. For more information check out our How to Write YARA Rules article and YARA's documentation.
September 2021	We released an improvement to our PhishRIP queries.
July 2021	We updated our Custom DKIM feature to now allow you to add your own custom signing domains to the PhishER platform. For more information, visit our How to Enable and Customize DKIM Signatures in PhishER article. We released our new PhishER APIs to allow you to evaluate all of the suspicious emails that make it through to your users' inboxes. For more information, visit our KnowBe4 API Reference Guide and our KnowBe4 PhishER API article. We released Custom DKIM signatures for PhishER. Admins can now use allowed domains as signing domains for PhishER. For more information, visit our PhishER Settings article. You can now use PhishFlip without having to have PhishRIP enabled. In order to access the PhishFlip feature, you must have full PhishRIP Security Role access. See our PhishFlip and our PhishER Settings articles for more information. Your PhishER platform now allows you to retry your failed PhishRIP Queries. You can use the Retry button to run the query again without creating a new query. See our PhishRIP article for more information.
June 2021	We added a new filtering drop down menu in the Domains and URLs section and the Attachment section of the Message Details. You can use these filters to see only the Domains, URLs, or Attachments that you are interested in. See our PhishER Product Manual article for more information.
May 2021	We have released our new PhishFlip feature! This feature allows you to create KMSAT phishing templates from the user-reported emails that were sent to PhishER. See our PhishFlip article for more information.
March 2021	Your PhishER platform now allows you to create Webhooks for the PhishER platform. This allows you to provide other applications with real-time information. You will be able to receive a callback-based on an Action that is attached to a message. For more information, please visit our PhishER Settings article.
February 2021	The character limit has been removed when viewing the raw message in the Message Details. The Message Details section of your Inbox now allows for PhishRIP messages with similar subjects and sender to be grouped by AttackID when clicking on the View Queries button. For more information on this new feature, visit our PhishRIP article.
January 2021	Your PhishER platform Dashboard now offers widgets. You can add and remove different charts to see the information that is important to your organization and to customize your Dashboard. For more information on the new Dashboard features, visit our PhishER Product Manual.

Release Date	Description
December 2020	Your PhishER platform now allows you to create Security Roles for the PhishER platform. This allows you to add users from your KnowBe4 Security Awareness platform and grant them Limited or Full access to different areas of PhishER including Rooms, Inbox, Rules, Actions, PhishRIP, and Settings. You also have the ability to create Tag Limitations for the various Security Roles that you create. For more information, please visit our PhishER Settings article.
October 2020	Your PhishER platform can now be integrated with KnowBe4 Security Awareness Console. You can now send PhishER Events and Actions to the user timeline and create Smart Groups based on the information that you gather from your users through this integration. For more information, please visit our PhishER Settings article. Your VirusTotal integration with your PhishER platform now allows you to include domains that you would like to ignore when completing a VirusTotal scan. For more information, please visit our PhishER Settings article. The Reports section of your PhishER platform now offers a new bar graph that shows the most common Attachments, Reporters, Senders, Domains and URLs, and Tags. The Rooms section of your PhishER platform now offers the ability to go to a filtered Inbox, Dashboard, or Report based on your Saved Queries or the System Generated filters. Your PhishER platform now allows you to connect the PhishRIP feature with your Google Workspace instance. For more information, please visit our PhishER Settings article.
September 2020	When you sign out of your PhishER platform, you will also be signed out of your KnowBe4 console.
August 2020	Your PhishER platform now allows for to pick which columns you would like to see included on the Reports page. For more information on this new feature, visit our PhishER Product Manual. Your PhishER platform now includes a new Search bar. You can use the Search bar to find a dashboard or executive report for a specific search or campaign. For more information on the new Dashboard features, visit our PhishER Product Manual. Your PhishER platform Dashboard now gives you the ability to click on any of the following fields and taken to an automatically filtered inbox: Reported Messages, Automatically Resolved, Manually Resolved, Unresolved, Category, and Priorities. For more information on the new Dashboard features, visit our PhishER Product Manual. Your PhishER platform now allows for empty searches to be performed in Rooms as long as there is a particular field specified for the empty search.
July 2020	A count for the number of Attachments and Domains and URLs that exist in the message was added to the Preview tab of the Message Details screen. Your PhishER platform now includes the ability to customize the Body field in the Find Similar Messages window. You can create a new PhishRIP query by selecting the Body and modifying the text field. For more information on Customized Criteria, visit our PhishRIP documentation.
June 2020	Your PhishER platform now includes Customized Criteria. You can create a new PhishRIP query by selecting one of the following fields and modifying the text: Subject, Sender, Recipient, and Attachment. For more information on Customized Criteria, visit our PhishRIP documentation. The Actions section of your PhishER platform now offers the option of including Find Similar Messages in your Action. If the Find Similar Messages option is enabled, you can select the criteria that you would like the Action to create a new PhishRIP Query for when the Action is triggered. For more information on how to use the Find Similar Message section when creating an Action, visit our How Do I Create a Rule and Action in PhishER documentation. The Actions and Discussion sidebar of the Message Details page now include information on the number of PhishRIP queries that were initiated and the date of the last query that was initiated by the selected message. To learn more about the new information included under the PhishRIP section of the Actions and Discussion sidebar, visit our PhishER Product Manual.
April 2020	Your PhishER platform now includes PhishRIP, an email quarantine feature that allows your organization to search for user-reported emails across all of the mailboxes tied to your Microsoft 365 instance. Using PhishRIP, you can prevent active phishing attacks by removing potential email threats from the inbox of your users. Visit here to learn how to enable PhishRIP in your PhishER platform.

Release Date	Description
August 2019	Your PhishER platform now includes PhishML, a machine-learning module that analyzes all messages forwarded to your PhishER inbox. Visit here to learn how PhishML provides you with information that can make your prioritization process easier, faster, and more accurate. A Tags report was added to the Reports section of PhishER. Check out this report to view a list of your most common tags. Two columns were added to the PhishER inbox: Current Disposition Date and First Disposition Date. The PhishER Email Template Editor now includes a Source code option for HTML customization.
June 2019	Modify your Dashboard view to display a custom date range of data using the PhishER date picker. Visit here for more information. New placeholders were added to the Email Template Editor. Check out our Email Template Placeholders table for all of the details. The option to enable VirusTotal Automatic Scanning is now available. Click here to learn more about your automatic scanning settings. If you select messages in your PhishER inbox, a Run drop-down will now appear. This drop-down presents two sections: Replay and Actions. If you want to run all rules or all rules and actions against selected messages, choose an option from the Replay section. If you want to run an action against selected messages, choose an action from the Actions section. Visit here for more information about this recursive drop-down! A Download CSV option was added to the PhishER Inbox and Reports page. An Email section was added to the Run drop-down in your PhishER inbox. When a message is selected, this new section allows you the option to send a custom email. For more information about this feature, visit here.
April 2019	When creating an action, you can now choose the Delete matching messages option. If this option is selected, all matching messages will be permanently deleted from your PhishER inbox when the action is triggered or run. Preview how a YARA rule would affect messages in your PhishER inbox by using the Preview Rule option. Visit here for more information about this feature. If your PhishER platform is integrated with VirusTotal, you can now run a VirusTotal scan on attachments and URLs from the Message Details screen.
March 2019	An Email Templates section was added to the PhishER Settings page. This setting allows you to attach custom email templates to your PhishER actions. Track the history of a message from the Message Details section of your PhishER Inbox. Message history will list all of the events that changed or modified a message. A QuickActions bar was added to the PhishER Inbox. Add your most frequently used actions to the QuickActions bar for quick accessibility. You can now manage admin and user access to PhishER by enabling or disabling PhishER under an individual's User Profile settings in the KnowBe4 console.
February 2019	A Data Retention section was added to the PhishER Settings page for custom configuration. Bulk tagging can be done from the PhishER Inbox. This means that multiple tags can be added to multiple selected messages at the same time. All tags, attachment names, and email addresses are clickable filters. Clicking on one of these items will display a filtered view of your PhishER inbox.

Release Date	Description
December 2018	Bookmark this page to learn about PhishER updates.

Related articles