This article answers the frequently asked questions on Sophos Phish Threat V2. The following sections are covered:
Applies to the following Sophos products and versions Phish Threat V2
There is no limit.
There is a grace period of at least one hour, after starting the campaign, before emails are sent. The time-to-start-campaign settings only allow campaigns to start on the hour. For example, if you create a campaign at 12:01, the soonest you can choose to start the campaign is 14:00 since 13:00 is less than an hour.
Users will be applied toward the Phish Threat license when a campaign email is sent to them.
V2 is currently limited to Phishing, Credential Harvesting, Attachment and Training campaigns as of 5th July 2018.
Campaign content can be customized when creating the campaign, but unlike version 1 of Phish Threat, you are not able to directly modify the HTML code of the attack.
No. Once a campaign is activated, it cannot be modified.
Yes. If you have configured a campaign to send all emails immediately, all emails will be sent, and no further updates of user actions or behavior will be seen or reported back. If your campaign is configured to send emails in increments, it will not send any remaining emails that have not yet been scheduled to send
No. Currently there is no option to delete campaigns or campaign data after it has been created.
No. When you create a campaign and change any of the default information in the campaign, a new campaign template is created with the new content. The new template will be available when you go to create another campaign. For example, if you modify the Encrypted Message attack on 16th February 2018, the name of the new template will be displayed as [Custom] Encrypted Message 2018-02-16.
[Custom] Encrypted Message 2018-02-16
No. You can only send phishing simulations using the domains available at Sophos Phish Threat > Settings > Sending domains and IPs.
Go to Sophos Central Dashboard > Email Gateway > Settings > Click Inbound Allow / Block under Email Security > Click Add > Select Add allow > Enter the domain for the campaign as listed in Sophos Phish Threat > Settings > Sending domains and IPs.
Add the domain of the campaign as outline in Reflexion: Add Email Addresses and Domains to the Allow List.
A Training campaign URL is valid for 90 days but will immediately become inaccessible once the campaign has ended.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable for us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.