This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Phish Threat and Forwarding

Howdy Friends, 

While conducting a scheduled campaign recently we had a member of our executive team reach out to inquire if there was a way to differentiate between when a user simply opens the email, and if they had forwarded it onto other recipients or not? I'm not seeing anything in Sophos Central jumping out at me that would indicate that, but I may be missing something here. 

Thank you for any and all information/direction you may be able to provide. 

Edited TAGs
[edited by: emmosophos at 5:22 PM (GMT -8) on 16 Feb 2024]