Provide the ability to include company prepended Subject and Body into phishing system templates

Vastattu

Seth Retig

29. huhtik. 2021, 20.07

We attempted to move to DMI for phishing in lieu of traditional mail flow so that we could phish our staff with attachments/macros, traditionally blocked by our mail system (Exchange Online). While this worked, it had a side effect. Because the injected messages do not pass through mailflow rules, our external sender notification are not applied to phishing messages.

Our current phishing training uses the system temples and are applied to departments to we can target content which would be applicable to a given job role. We allow the system to choose from a large group of templates so that users in the same department do not get similar messages on the same day, notifying each other of the test.

While we can customize individual templates, due to the number in the pool, it would be quite onerous to do so for all of the templates.

Without the company's prepended subject and header, we are sending mixed signals while using DMI as phishing messages do not contain the subject and body security notifications all other external messages receive.

We would like the ability to prepend the subject and body of the messages sent via the tool on a mass scale, e.g., update all system templates with a custom subject and body as a company sees fit. For example, update every template with a prepended subject of "External -" and a prepended body with HTML formatted text stating "CAUTION: This email originated from outside COMPANYNAME. Do not click links or open attachments unless you recognize the sender and know the content is safe."

Adding this functionality would add a lot of value to the DMI solution as it is currently the only mechanism for phishing users with attachments. However, without this functionality, phishing messages for companies notifying their users of external senders is confusing to the user base.

8

• 

  Walter Nelson 30. huhtik. 2021, 15.13

  Hi Seth,

  Thanks for contributing to the community board. I think this would be a fantastic thing to have. I went ahead and submitted a feature request to have the ability to include company prepended Subject and Body into phishing system templates and be able to do it on a mass scale within the console.

  1

  Kommenttitoiminnot Pysyvä linkki
• 

  Ben Virgilio 14. toukok. 2021, 13.44

  We would also love this. We just tried switching to DMI to bypass MS's constantly moving protections, and have realized it will not work for us as DMI emails are missing the external mail flag on our emails that our user's have become accustomed to.

  0

  Kommenttitoiminnot Pysyvä linkki
• 

  Kivi Dennis 14. toukok. 2021, 17.41

  Hi Ben,

  Thanks for your post. I have added you on as a +1 to the feature request.

  0

  Kommenttitoiminnot Pysyvä linkki
• 

  Angel Muñoz Machio 25. toukok. 2021, 13.44

  This would be great! Without this feature, sending out random phishing emails is useless...

  0

  Kommenttitoiminnot Pysyvä linkki
• 

  Kivi Dennis 25. toukok. 2021, 17.39

  Hi Angel,

  Thank you for your post and contribution to the community board. I too think this would be a great addition. I've added you on as a +1 to the feature request. That way we can show our development team the continued interest in adding this.

  0

  Kommenttitoiminnot Pysyvä linkki
• 

  Jody Duran 07. kesäk. 2021, 20.00

  Glad I found this request before enabling DMI in our environment - My company is similar to the prior posters - the external email warning is key for our users' ability to identify potentially risky emails.  Would love to know if/when this feature is implemented.

  0

  Kommenttitoiminnot Pysyvä linkki
• 

  Kivi Dennis 08. kesäk. 2021, 17.30

  Hi Jody,

  Thanks for your post and contribution to the community board. Currently, I don't have any insight on if or when this feature will be developed. I will, however, add you as a +1 to the feature request. This way our development team can see that there is continued interest in this feature.

  0

  Kommenttitoiminnot Pysyvä linkki

Kirjaudu sisään jättääksesi kommentin.