Phish Threat Training Question

Can you change the way that the users access the training? It seems counterproductive to have them "click on a link in an email" to access the training when they arrived at the training by failing the test by "clicking on a link in an email".

  • Hey  

    Thanks for your feedback.

    This may be difficult to achieve as each user is sent a unique link (for progress tracking purposes).

    What alternative suggestions did you have in mind?

    Regards,

  • Hi  

    Can I ask what language(s) you are currently using for your simulations and training? We recently added new training modules in a number of languages including English, Spanish, French and brazilian portuguese.

    You can find out more here: https://news.sophos.com/en-us/2018/10/26/stunning-new-phish-threat-modules/

    Thanks

    Rich

  • In reply to FloSupport:

    How about you give me the URL to the training for a particular campaign and I can put it on our Intranet and when the user clicks the link on the Intranet to do the training, they would enter their username. That way, we could still track who did the training.

  • In Phish Threat v1, the training would immediately open in a browser. I would like to keep that functionality. Same comment - I don't want them to click links after clicking the wrong link. Especially when the link is not coming from our internal team - it's counter-productive because the users do not associate the Sophos name with training. They may think they're being phished again.

  •  I agree, sending an email for training in something you failed at in an email creates to much tension, they can simply tell their boss they thought it was another test so they ignored the email.  It just taints the goal of getting staff trained and adds stress for IT.

     

    However couldn't this also be tied into the Sophos app running in the task bar on the computer, you could have the normal status and events section but also a training section.  The training section could display all available training IT wants out there, this could be training that users are required to take due to opening a phish threat email as well as optional ones they may want to take to be proactive.  Give them a chance to take the training before opening the email, this was we would know if the training is even successful or not. 

    There could even be a required training and optional training section, users could enter their email to keep track of who has taken what but also this could give them a score in terms of points on how much training they have taken and create a little competition in the office, basically take the training and put a positive spin on it by getting the staff more involved in a voluntary basis and have the chance to know what to look for before you try to trick them, this might alleviate a lot of the tension between Phish Threat and office staff. 

    Just a thought...................

  • In reply to bad robot:

    Thank you to everyone for your suggestions, i'll forward this thread over to our team for visibility.

    I would also highly advise to please raise these as ideas on our Sophos Ideas portal, as our product team monitors this page.

    Best,