This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Email Phish Threat

Good Morning, 

I am creating a campaign and I'm having troubles finding a few things.  My HR department needs to vet all Sophos text for the users and I 'm having troubles finding examples of the landing pages after a user clicks the link (not credential harvesting landing page).  For the phishing category when sending a test email the link leads to a 404 Sophos page.  An example of the page after a user would enter their credentials would be needed as well.

Question 2.

For email attachment campaign strategies does the customized attachment open in outlook with the custom attachment?  


Question 3.

is this all correct for steps to do.

Whitelist links on firewall

whitelist domains on O365 and email security gateways

whitelist attachments in O365 

This thread was automatically locked due to age.
    1. The test email redirecting to a 404 page is expected as the email is only to test the email itself.  If you need to collect these examples I'd suggest creating a test campaign and only enrolling yourself into it, collecting everything you need from the campaign email sent out to you.

    2. The attachment campaign sends an email with an attachment in the email.  Only when this attachment is opened and "Enable content" is turned on, the user will have failed the campaign.  Simply opening the attachment in Outlook's preview pane does not enable macros/content and will not trigger a failure.

    3. The whitelisting you've done is correct.  You'll also want to make sure automatic download of images is allowed for the domains in Outlook as well.