PhishER for simulated phish
Megválaszolt
Hello,
Our mobile email client Boxer, forwards phishing emails to our @phisher.knowbe4.com address. Boxer has their own phish reporting feature that supports this. The downside is that simulated phishing emails that are reported in this manner dont show up in our phishing campaign results. Is there any way to have PhishER or your API recognize this simulated emails so they are reported accurately in a phishing campaign?
-
Hello Geathan,
Thanks for reaching out to our community board! I'm sorry to hear there are some issues with your email client's phishing reporting feature and PhishER. This isn't something we have available at this time so I've submitted a feature request on your behalf to our development team for review. We base a lot of our new releases and features on customer ideas and requests, so we do appreciate your input!
Feel free to reach out again for further questions or comments.
Thanks,
Merlin
-
Hi Geathan Augustine,
Be aware too, if you have PhishER set to automatically send reported messages to VirusTotal, the user that reported the simulation WILL FAIL. VirusTotal explodes the message causing the user to fail the campaign. Even if you 'reset' the user, as long as the campaign is active, VirusTotal will repeatedly detonate the message causing the user to fail over and over. You must turn OFF the auto-send feature before the campaign starts in order to prevent false results.
We experience the same issue. Although I haven't found a way to capture the reported phish statistic, I did create a rule and action to report back to the user that the message they reported was part of our internal campaign (a "Good Job" message).
This is important to us also. We would like to see better integration between PAB, KMSAT and PhishER. It would be nice if PhishER could recognize a simulated phish report and communicate back to KMSAT so we have accurate statistics.
-
Thank you for contributing to the community board
I can definitely see what you are saying when using an external reporting source with our PST emails. One of the ways that we mitigate this is with use of the Phish Alert Button, it will not forward our PST emails into PhishER so you wouldn't get those false positives.
I can understand how that can be a bit rough so I'll add a feature request in on your behalf as well.
Hozzászólások írásához jelentkezzen be.
Hozzászólások
5 hozzászólás