LogoLogo
Get Demo
  • 💫NEXT-GENERATION PRODUCT
    • Introduction
    • Getting Started
      • 1. Invite System Users
      • 2. Add Target Users
        • Add Users via CSV
        • Add users via SCIM
          • SCIM Setup in Azure AD
          • SCIM Setup in Okta
          • SCIM Setup in Onelogin
          • SCIM Setup in Jumpcloud
        • Add users via LDAP
        • Add Users via API
      • 3. Email Deliverability
        • Microsoft 365
          • M365: Direct Email Creation
          • M365: Whitelisting
        • Google Workspace
          • Google: Direct Email Creation
          • Google: Whitelisting
        • Exchange 2013 and 2016
      • 4. Track Opened Emails
      • 5. Allow Phishing URLs
        • Whitelist for Office 365
        • Whitelist for Google Workspace
        • Whitelist for Exchange 2013/2016
        • Whitelist in Security Solutions
      • 6. Setup Phishing Reporter
        • Step 1. Download Phishing Reporter
        • Step 2. Deploy Phishing Reporter
          • How to Deploy Add-In in Microsoft 365
          • How to Deploy Add-In in Exchange Admin Center
          • How to Deploy Add-In in Google Workspace
          • How to Deploy Add-In in Outlook
            • Troubleshooting Phishing Reporter Add-In on Outlook Desktop
      • 7. Incident Responder Setup
        • Step 1. Integrate Threat Intel Partners
        • Step 2. Mail Configurations
          • Microsoft 365
          • Google Workspace (Gsuite)
          • Exchange (EWS)
    • Platform
      • Dashboard
        • Dashboard Widgets
        • Incident Responder Widgets
        • Threat Sharing Widgets
        • Phishing Simulator Widgets
      • Threat Intelligence
      • Email Threat Simulator
        • Start Scan
        • View Scan Report
        • Create Trusted Account on Exchange
        • Start Scan on O365 Email Account
        • Start Scan on Google Workspace Email Account
      • Threat Sharing
        • Communities
        • Incidents
      • Phishing Simulator
        • Manage Phishing Scenarios
          • Phishing Scenarios
          • Email Templates
          • Landing Pages
        • Phishing Campaign Manager
        • Phishing Campaign Reports
        • Settings
          • DNS Services and Domains
          • Exclude IP Address
      • Callback Simulator
        • Manage Callback Scenarios
          • Callback Scenarios
          • Callback Email Templates
          • Callback Templates
        • Callback Campaign Manager
        • Callback Campaign Reports
        • Settings
          • Callback Phone Numbers
      • Vishing Simulator
        • Vishing Templates
        • Vishing Campaign Manager
        • Vishing Campaign Reports
      • Smishing Simulator
        • Manage Smishing Scenarios
          • Smishing Scenarios
          • Text Message Templates
          • Landing Page Templates
        • Smishing Campaign Manager
        • Smishing Campaign Reports
        • Settings
          • Manage DNS and Domains
          • Exclude IP Addresses
      • Quishing Simulator
        • Manage Quishing Scenarios
          • Quishing Scenarios
          • Quishing Templates
          • Quishing Landing Page Templates
        • Quishing Campaign Manager
        • Quishing Campaign Reports
        • Settings
          • DNS and Domains
          • Excluding IP Address
      • Awareness Educator
        • Training Library
        • Enrollments
        • Certificates
        • Training Reports
        • Training Completion Queries
      • Incident Responder
        • Incident Responder Dashboard
        • Investigations
        • Integrations
        • Playbook
        • Mail Configurations
          • Microsoft 365
          • Exchange
          • Google Workspace
        • Cross Company Integration
      • Phishing Reporter
        • Phishing Reporter Customization
        • Phishing Reporter Deployment
          • How to Deploy the Add-in in Microsoft 365
          • Phishing Reporter Page View Failure Due to Deprecated Exchange Online Tokens
          • Microsoft Ribbon Phishing Reporter
          • How to Deploy the Add-in in Exchange Admin Center
          • How to Deploy the Add-in in Google Workspace
          • Phishing Reporter Announcement Email Template
        • Diagnostic Tool
        • Integrating Microsoft Phishing Reporting Button with Keepnet
        • Troubleshooting Phishing Reporter on Outlook Desktop
      • Reports
        • Advanced Reports
        • Executive Reports
        • Scheduled Reports
        • Gamification Report
      • Company
        • Target Users
        • Companies
          • Company Groups
        • Company Settings
          • Privacy
            • Account Privacy
            • Data Privacy
          • AI Ally Settings
          • SMTP Settings
          • Direct Email Creation
            • Direct Email Creation for Google Workspace
            • Direct Email Creation for Microsoft 365
          • Notification Templates
          • Google User Provisioning
          • REST API
          • White Labeling
          • Proxy Settings
          • SAML Settings
            • How to Configure SAML on ADFS
            • How to Configure SAML on Google Workspace
            • How to Configure SAML on Azure AD
            • How to Configure SAML on CyberArk
            • How to Configure SAML on Okta
          • SCIM Settings
            • Getting Started with SCIM
            • Azure AD SCIM Integration
            • Okta SCIM Integration
            • Onelogin SCIM Integration
            • Jumpcloud SCIM Integration
          • SIEM Integrations
            • Splunk Integration
            • Syslog Integration
          • LDAP
          • Allowed Domains
        • System Users
          • People
          • Roles
        • Audit Log
        • Job Log
      • Free Phishing Email Analysis Service
    • Miscellaneous
      • Whitelisting
        • How to Whitelist an IP Address in Office 365
        • How to Whitelist an IP Address in Exchange 2013 and 2016
        • How to Whitelist an IP Address in Google Workspace
        • How to Whitelist in Mimecast
        • Whitelisting in Other Security Solutions
        • Whitelisting the Pictures on Microsoft Outlook Apps
        • Keepnet Tools Whitelisting Guidelines
        • Understanding Email Delivery Errors
        • Tracking Email Opens in Phishing Simulations
      • User Profile
      • Multi-Factor Authentication (MFA) Settings
      • On-Premise Requirement Checker
      • Platform Requirements
        • Portal UI Requirements
        • Phishing Reporter Requirements
        • Diagnostic Tool Requirements
      • Maintenance Tool
      • Understanding the Preferred Language Setting
  • 📚RESOURCES
    • Platform Security
    • Volume & Performance
    • Customer Help Desk
    • Product Update/Maintenance
    • Research Methodology
    • Release Notes
      • 2025
      • 2024
      • 2023
      • 2022
      • 2021
      • 2020
  • ⚖️Legal Hub
    • For Customers
      • Customer Terms of Service
      • Product Specific Terms
      • Jurisdiction Specific Terms
      • Data Processing Agreement
      • Regional Data Hosting Policy
      • Product and Services Catalog
      • Acceptable Use Policy
      • Keepnet Security Program
      • Microsoft CoPilot Usage Policy
    • For Everyone
      • Website
        • Terms of Use
        • Privacy Policy
        • Cookie Policy
      • Free Phishing Email Analysis
        • Terms of Service
        • Privacy Policy
      • Transparency Report
Powered by GitBook
On this page
  • View Report Details
  • Summary
  • Campaign Info
  • Email Delivery
  • Callback Scenarios
  • Top Menus
  • Opened
  • Called Back
  • Entered Digits
  • No Response
  • Reporters
  • Sending Report
  • Understanding Bot Activity vs. Human Activity in Reports
  • Video Tutorial

Was this helpful?

Export as PDF
  1. 💫NEXT-GENERATION PRODUCT
  2. Platform
  3. Callback Simulator

Callback Campaign Reports

PreviousCallback Campaign ManagerNextSettings

Last updated 12 hours ago

Was this helpful?

Copyright © Keepnet Labs LTD. All rights reserved.

This section describes the basic functionalities of callback campaign reports, which you can find from the Callback Simulator > menu.

View Report Details

To view the details of a callback campaign report, navigate to the Callback Simulator > Campaign Manager menu. Then, select the Instance button for the campaign you want to review, and click on Action followed by View Report.

Summary

The Summary provides a brief synopsis of the callback scenario and options for further action.

Download Report

A .xlsx format version of the callback campaign report is available for download by clicking the Download Report button.

Resend Campaign

Resend the callback scenario to the same target user group with the same settings by clicking the Resend Campaign button.

Summary Widgets

This section provides the opportunity to display the results of the campaign in a useful pie chart presentation.

No Response

The number and percentage of target users who did not take any action in response to the callback email.

Opened Email

The number and percentage of target users who opened the callback email

Called Back

The number of target users who called the simulation phone number listed on the simulation email.

Entered Digits

The number of target users who submitted their credentials on the call.

Campaign Info

Target Users

The total number of users selected to receive the callback campaign email.

Campaign Lifetime

The date and time the callback campaign will be terminated. No additional data will be processed in the callback report after the expired date.

Languages

Language used in the callback scenario.

Email Delivery

Delivery Start - End

The date and time the campaign was started and was/will be ended to complete sending the email to all selected users.

Duration

It shows how long it took to send the campaign email to all selected users.

Delivery Status

Callback Scenarios

Scenario Info

This section displays general information about the content of the callback scenario. If you selected multiple scenarios, you can switch between them to preview.

Name

Name of the callback scenario.

Difficulty

Difficulty level of the callback scenario (easy, medium, hard)

Language

Language used in the callback scenario.

Email Template

This section displays details of the sender’s name, the difficulty level, and the callback scenario type sent to the target users.

You can preview the email template design of the callback scenario sent to the target users by clicking on the Preview button.

Callback Template

The difficulty, AI language or callback voice steps of the callback scenario sent to the target users are displayed here.

You can preview the callback template design of the callback scenario sent to the target users by clicking on the Preview button.

Top Menus

Opened

This section displays the information of the target users who opened the callback campaign email.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Last Opened

Date and time a target user last opened the callback email

Times Opened

Number of times a target user opened the callback email

Action

The Resend button allows you to resend the same callback email.

The Details option shows the date and time a user opened the callback email, the user agent, browser information, geolocation, IP information, and other information.

Called Back

This section provides details of the target users who called the phone number back listed on the callback simulation email.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Scenario Name

Name of the callback scenario that is sent to user

Last Caller ID

The simulation phone number that is selected for the callback campaign.

Last Called Back

Last date and time that the user called back the phone number listed on the callback simulation email.

Times Called Back

Number of times the user called back the phone number listed on the callback simulation email.

Action

The Resend button allows you to resend the same callback email.

The Details option shows the date and time a user opened the callback email, the user agent, browser information, geolocation, IP information, and other information.

Entered Digits

This section displays details of a target user who submitted data on the phone call.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Last Caller ID

The simulation phone number that is selected for the callback campaign.

Last Entered Digits

Last date and time that the user submitted credentials on the phone call.

Times Entered Digits

Number of times that the target user submitted data on the phone call.

Action

The Resend button allows you to resend the same callback email.

The Details option shows the date and time a user opened the callback email, the user agent, browser information, geolocation, IP information, and other information.

No Response

This section displays the details of target users who did not take any action in response to the callback email.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Scenario Name

Name of the callback scenario that is sent to user

Email Send Date

Date and time that the callback email was sent to the target user

Action

The Resend button allows you to resend the same callback email.

Reporters

This section provides details of target users who reported callback emails using the phishing reporter add-in.

Additional information on the Phishing Reporter is available here.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Scenario Name

Name of the callback scenario that is sent to user

Last Reported

Date and time when a user reported the callback email using the phishing reporter add-in.

Times Reported

Number of times that a user reported the callback email using the phishing reporter add-in.

Action

The Resend button allows you to resend the same callback email.

The Details option shows the date and time a user opened the callback email, the user agent, browser information, geolocation, IP information, and other information.

Sending Report

This section provides a summary report of the delivery of the callback email to the target users.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Date Last Send

Last date and time that the callback email sent to user.

Delivery Status

Status of the callback email sent to the target user

  • In Queue = The callback email is in the queue to be sent.

  • Successful = The callback email was sent successfully.

  • Error = An error occurred in the delivery of the callback email.

  • Cancelled = This user was eliminated as a target for this callback campaign.

Action

The action buttons:

  • The Resend button allows you to resend the same callback email.

  • The Details button to see the detailed email delivery status.

Understanding Bot Activity vs. Human Activity in Reports

In callback campaign reports, Human Activity refers to real actions taken by users, such as opening emails. In contrast, Bot Activity represents automated interactions triggered by email security systems, spam filters, or sandboxing tools. These bots scan emails and follow links as part of their protective duties—sometimes even before users see the message.

Bot activity may appear in the Opened section of the report. For example, if a security system opens an email to analyze it, or clicks a link inside of the email to test the destination, these actions may be captured and flagged as bot interactions.

To ensure accurate reporting, the platform automatically detects and labels such activity based on predefined detection rules. Any record classified as Bot Activity will carry a special tag and can be excluded from the view by clicking the “Hide Bot Activity” button. Admins can also hover over the info (ⓘ) icon in the Activity Type column to see which rule was triggered.

The detection rules are:

  • A1 – Unusual User-Agent Interacted: Triggered when an atypical or suspicious user-agent (browser identifier) is detected.

  • A2 – Honeypot Link Reused: The hidden callback phishing simulation link inside of the email clicked multiple times by the same IP and user-agent within 5 minutes—indicating automation.

  • A3 – Same-Second Activity Spike: Multiple activities occurred at the exact same time, which is unlikely for human users.

  • A4 – Stop Bot Activity Challenge Failed:

    • A4.1 – The callback phishing simulation link was clicked, but the invisible browser javascript challenge was not passed.

    • A4.2 – The browser failed to load required scripts that a real user’s browser would normally execute.

If customers see several entries marked as Bot Activity, it typically means that their security tools pre-screened the callback simulation links inside of the callback email. To evaluate real user behavior, they should filter the report by Activity Type or use the “Hide Bot Activity” toggle. For better accuracy in future callback simulations, they may consider whitelisting Keepnet domains to reduce interference from automated systems.

By filtering out bot noise, organizations gain a clearer understanding of true user actions and risk levels.

Video Tutorial

This tutorial describes the basic functionalities of callback campaign reports.

Out of the total number of chosen users, it displays how many of them successfully received the campaign email and how many did not. Please go to menu to see more information.

Sending Report
Campaign Manager