SPAM vs. Phishing Infographic

Answered

Comments

13 comments

  • Official comment
    Avatar
    Katie Brennan

    Hi Russell,

    Thanks for this request. I've forwarded your idea to our design team so they can look into creating something like this in the future.

    If you need anything else or have more ideas you'd like to share, please feel free to reply back.

    Thanks!

    Katie
    KnowBe4

    Comment actions Permalink
  • Avatar
    Austin H

    We have basically the same problem. Users don't seem to know the difference between spam and phishing emails. So most of the "Phishing" tickets we get in are just spam emails trying to sell you stuff and what not.

    1
    Comment actions Permalink
  • Avatar
    Lauren Ashley

    Hi Austin,

    Thank you for your input.  I have sent an additional request for this feature to our development team for review.  As stated before, we base a lot of our development on customer feedback, so we appreciate your input.

    Thank You!

    Lauren
    KnowBe4

    0
    Comment actions Permalink
  • Avatar
    Brian Steingraber

    This would be a great idea.

    An "Security, Hints and Tips" email template would be great!

    Or a short 5 minute training course!

    0
    Comment actions Permalink
  • Avatar
    Lauren Ashley

    Hi Brian,

    Thank you for your input! We currently have a training course on the roadmap for how to use the Phish Alert Button. This will clarify the difference between SPAM and phishing emails, specifying when users should and should not use the PAB. I will also add your idea of the Security Hints and Tips email template on this topic to the roadmap.

    Thanks again!

    Lauren
    KnowBe4

    1
    Comment actions Permalink
  • Avatar
    Lee Trusty

    Hi, we're running into the same issue here.  We're completely overwhelmed with folks using the button to report everything except actual phishing.  Is there any update on the training or infographic?  Thanks in advance!

    0
    Comment actions Permalink
  • Avatar
    Katie Brennan

    Hi Lee,

    I do not have an update on the timeline of the course at this time, but we will put another request in for it to ensure that they can prioritize accordingly.

    Thank you!

    Katie
    KnowBe4

    0
    Comment actions Permalink
  • Avatar
    Scott Brinker

    I too are having staff members who are asking for the difference and ultimately I would love to provide a response to these recipients with a link that explains the difference and a perfect link would be to direct people to a knowbe4 web page 

     

    0
    Comment actions Permalink
  • Avatar
    Lauren Ashley

    Hi All! 

    We've released a training module that addresses this issue! This short module titled, Using the Phish Alert Button: Report Suspicious Emails, teaches viewers how to distinguish between spam, phishing, and spear phishing emails.

    From your KnowBe4 account, you can search for "Phish Alert" in the Modstore to find this course. 

    We hope this helps! 

    Regards, 

    Lauren 
    KnowBe4

    1
    Comment actions Permalink
  • Avatar
    Charles Heller

    We have not pushed the button to our users yet due to the same reasons as everyone before me has raised. Is thee a recommended service such as Open Threat Exchange or Virus Total that we could use to do multiple checks for the emails that we will no doubt be sent by our users when they start clicking the button?

     

    We expect that even a lot of people will not even read the email they receive about the difference of what SPAM and Phishing is even when it is explained to them. They will see it as the " All Mighty" button to get rid of the email they do not want and no need to click delete anymore, as it already moves it to that folder. 

     

    All ideas and input welcome. 

    0
    Comment actions Permalink
  • Avatar
    Kaiser

    Hi Charles,

    Totally hear ya on this one! I included some details on this in my response to you in your thread (linked here if anyone else wants to see). While the PAB is not built with integrations for Open Threat Exchange or Virus Total, PhishER is compatible with the latter. 

    I hope this helps! Feel free to reach out if you have other questions or feedback to provide. :) Thanks!

    Kaiser 

    KnowBe4

    0
    Comment actions Permalink
  • Avatar
    Matthew Bates

    PhishML, as part of PhishER, is going to be your best friend if this is a problem for you. We have our rules setup such that, if the machine learning confidence level of the reported email causes it to be tagged as `PML:SPAM` and did not contain any infections according to VirusTotal, PhishER automatically resolves the reported email and replies to the user that the reported email was verified to be safe SPAM and thanks them for being cautious. This causes each time this occurs, to be a learning opportunity for the employee that reported SPAM.

    Employees reporting SPAM is irritating, but I would rather our employees be overzealous and report everything that looks phishy, rather than relying on each employee to judge whether any given email has malicious intent.

    KnowBe4 -- do I get any kickbacks for my gratuitous advertisement of PhishER??? lol.

    0
    Comment actions Permalink
  • Avatar
    Douglas Freeman

    Hey Matthew! 

    Thank you for the glowing endorsement. While I can't personally offer you any kickbacks I did notify your Customer Sucess Manager that you're happy with the PER platform! 

    We appreciate your input on this and your willingness to help our other customers with best practices that work for you! 

    0
    Comment actions Permalink

Please sign in to leave a comment.