What is employee phish reporting?
It enables your employees to report suspected phishing material through an add-on installed in your organisation's preferred email client. By enabling this functionality you have the added benefit of seeing which and how many employees report simulated phishing material when you run a campaign in CanIPhish.
Setting up and using the phish report add-ons
Google GSuite (Gmail): Gmail Report Phish Add-on Installation Guide
Office365 & Outlook: Office Report Phish Add-on Installation Guide
Inspecting reported phishing material
When an email is reported to CanIPhish, it appears in two places:
- On the Reporting page under the Employee Phish Reports tab. Here you can view in detail what email was reported and view information such as who reported the phish, what time it was reported, who the email came from, the email subject and CanIPhish will also list an attribution which includes 4 categories:
- Simulated Phish: Through analysis of email headers and content CanIPhish automatically detected this was a simulated phishing email.
Note: A positive phish email notification will be sent to the reporter. - Actual Phish: Manual analysis required. A CanIPhish administrator categorised this email as a phish.
Note: A positive phish email notification will be sent to the reporter. - Not Phish: Manual analysis required. A CanIPhish administrator categorised this email as legitimate.
Note: A negative phish email notification will be sent to the reporter. - Analysis Required: Employee reported phishing. A CanIPhish administrator needs to analyse the email.
- Simulated Phish: Through analysis of email headers and content CanIPhish automatically detected this was a simulated phishing email.
- On the Reporting page under the Campaign Statistics tab. Here you can view all simulated phishing campaigns and the successfulness of each. With each campaign you can see how many emails were delivered, viewed, payloads clicked and targets compromised. With employee reported phishing enabled, you can also see how many targets reported the simulated phish which is a good behaviour to enforce.
To get started, simply install the relevant CanIPhish Report Phish Add-on and notify your employees to use it to report suspected phishing emails!
Comments
0 comments
Please sign in to leave a comment.