We traditionally send a warning message to all users when we see legitimate phishing attempts. We normally do this after IT has received 3 or 4 notifications of the same phishing email.
How do you handle this when you are doing a KnowBe4 phishing campaign? I don't want to notify all of a possible phishing attempt or that alters statistics. I don't want to not notify users or IT loses credibility for not alerting users.
Please sign in to leave a comment.