News: Feature update

 

Overview

Phishing attacks use multiple tactics to appear legitimate, the senders email address and domain name used is arguably one of the biggest tale-tale signs. So, when sending training emails related to your Phish Threat campaigns, you want users to know it’s you, and that it’s safe to click.

That’s why we’re pleased to release the ability for customers to customize the full email address used in the delivery of training related emails to end users, rather than “Sophos training@staysafe.sophos.com

These training-related emails include:

  • Enrollment emails - only used in training campaigns

 

  • Training "reminder emails” - used in all campaign types

 

  • Caught emails - only used in attachment campaigns

  

 

How to customize your sender address

You’ll be sending from your own domain in no time at all, with a simple three step process:

  1. Open Sophos Central and navigate to the Phish Threat section and a new page listed in "Settings" called "Automated Emails"
  2. Select the “Use Custom, Verified Sender Email” toggle and enter your chosen sender name and email address (ensure you own the domain you enter)
  3. You’ll then receive a verification email to the email address entered in step two. Simply click the link to verify it’s you

 

Once verification is complete (this will take a moment), you can begin building Phish Threat campaigns that use your custom email address.

This allows you to effectively train users on phishing tactics, without needing to explain why training emails are coming from Sophos.

 

Remarks

  • These features have been automatically applied to your Sophos Phish Threat service in Sophos Central
  • This feature is applied to the Phish Threat account and is not configured on a campaign by campaign basis
  • The sending address configured using this feature will only apply to the training related emails mentioned above (enrollment emails, training reminders, and caught user notifications). This sending address will not be applied to simulated phishing emails
  • If the feature has been enabled using the "Use Custom, Verified Sender Email" toggle and Phish Threat cannot detect a valid, verified sender email to use for this feature, we will continue to send procedural emails using "Sophos <training@staysafe.sophos.com>"