Get Demo

Phishing Campaign Reports

This section describes the basic functionalities of phishing campaign reports, which you can find from the Phishing Simulator > Campaign Manager and click the Instances button to access the reports of the phishing campaign.

Once you go inside the Instances of a campaign, you will see reports for that campaign; click on the View Report button under the Actions column to access the phishing campaign report.

View Report Details

In a campaign report, there are many sub-menus that provide valuable statistics about your phishing campaign. Here are the following menus on a campaign report:

Summary

The Summary provides a brief synopsis of the phishing scenario and options for further action.

Download Report

An .xls format version of the phishing scenario report is available for download by clicking the Download Report button.

Resend Campaign

Resend the phishing scenario to the same target user group with the same settings by clicking the Resend Campaign button.

Summary Widgets

This section provides the opportunity to display the results of the campaign in a useful pie chart presentation.

Opened Email

The number and percentage of target users who opened the phishing email

Clicked Email

The number and percentage of target users who clicked on the URL in the phishing email.

Submitted Data

The number and percentage of target users who submitted data on the landing page of the phishing scenario.

Opened Attachment

The number and percentage of target users who opened the attachment file.

Phishing Reporters

The number and percentage of target users who reported the simulated phishing email by using the platform's suspicious email reporter add-in.

No Response

The number and percentage of target users who did not take any action in response to the phishing e-mail.

Campaign Info

Target Groups

The total number of target groups selected for the phishing campaign.

Smart Grouping

If enabled, users who fail at the phishing campaign are automatically added to the selected target group.

Target Users

The total number of users selected to receive the phishing campaign email.

Campaign Lifetime

The date and time the phishing campaign will be terminated. No additional data will be processed in the phishing report after the expired date.

Languages

Language used in the phishing scenario.

Scenario Distribution

Shows which scenario distribution setting is used for the campaign. See more info about the scenario distribution feature here.

Scenario Info

Number of Categories

The number of categories of selected scenarios.

Languages

The number of languages of selected scenarios.

Method

The list of methods of selected scenarios.

Difficulty

The difficulty levels of selected scenarios.

Email Delivery

Delivery Start - End

The date and time the campaign was started and was/will be ended to complete sending the email to all selected users.

Duration

It shows how long it took to send the campaign email to all selected users.

Delivery Status

Out of the total number of chosen users, it displays how many of them successfully received the campaign email and how many did not. Please go to Sending Report menu to see more information.

Phishing Scenarios

This section displays general information about the content of the phishing scenario. If you selected multiple scenarios, you can switch between them to preview.

Name

Name of the phishing scenario.

Method

Phishing scenarios can be created in one of several forms.

  • Data Submit = Designed to detect target users who submit data on the landing page.

  • Attachment = Designed to detect users who open the attached file by opening the file attachment in the e-mail.

  • Click-Only = Designed to detect users who click on the phishing link in the email.

Difficulty

Difficulty level of the phishing scenario (easy, medium, hard)

Language

Language used in the phishing scenario.

Email that will be sent to users

This section displays details of the sender’s name, the difficulty level, and the phishing scenario type sent to the target users.

You can preview the email template design of the phishing scenario sent to the target users by clicking on the Preview button.

Landing Page for Users Who Clicked on the Phishing Link

The URL, difficulty level, and scenario type of the landing page content of the phishing scenario sent to the target users are displayed here.

You can preview the landing page design of the phishing scenario sent to the target users by clicking on the Preview button.

Opened

This section displays the information of the target users who opened the phishing scenario email.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Scenario Name

Name of the phishing scenario that is sent to user

Last Opened

Date and time a target user last opened the phishing email

Times Opened

Number of times a target user opened the phishing email

Hide Sandbox Activity

If a sandbox solution has analyzed the simulated phishing email that is generated for the target user, you can choose to show or hide this false positive information in the menu.

Activity Type

List the human or sandbox activities by using one of the following options.

  • Human Activity: The human has opened the simulated phishing email.

  • Sandbox Activity: The sandbox solutions have opened the simulated phishing email.

Action

The Resend button allows you to resend the same phishing email.

The Details option shows the date and time a user opened the phishing email, the user agent, browser information, geolocation, IP information, and other information.

Clicked

This section provides details of the target users who clicked on the phishing link.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Scenario Name

Name of the phishing scenario that is sent to user

Last Clicked

Date and time the user last clicked on the URL in the phishing email

Times Clicked

Number of times the user clicked on the phishing link

Hide Sandbox Activity

If a sandbox solution has analyzed the simulated phishing email that is generated for the target user, you can choose to show or hide this false positive information in the menu.

Activity Type

List the human or sandbox activities by using one of the following options.

  • Human Activity: The human has clicked the simulated phishing link.

  • Sandbox Activity: The sandbox solutions have clicked the simulated phishing link.

Action

The Resend button allows you to resend the same phishing email.

The Details option shows the date and time a user opened the phishing email, the user agent, browser information, geolocation, IP information, and other information.

Submitted Data

This section displays details of a target user who submitted data on the landing page of the phishing scenario.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Password Complexity

Complexity level of the password submitted on the landing page of the phishing email. (very weak, weak, medium, strong, very strong)

TIP: The platform only captures the length and the first character of a password.

Scenario Name

Name of the phishing scenario that is sent to user

Last Submission

Date and time that the user last submitted data on the landing page of the phishing scenario

Times Submitted

Number of times that the target user submitted data on the landing page of the phishing scenario

Action

The Resend button allows you to resend the same phishing email.

The Details option shows the date and time a user opened the phishing email, the user agent, browser information, geolocation, IP information, and other information.

Opened Attachment

This section displays the details of a target user who opened the attachment file.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Scenario Name

Name of the phishing scenario that is sent to user

Last Opened

Date and time that the user last opened the attachment file

Times Opened

Number of times that the target user opened the attached file

Action

The Resend button allows you to resend the same phishing email.

The Details option shows the date and time a user opened the phishing email, the user agent, browser information, geolocation, IP information, and other information.

No Response

This section displays the details of target users who did not take any action in response to the phishing email.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Scenario Name

Name of the phishing scenario that is sent to user

Last Send Date

Date and time that the phishing email was sent to the target user

Action

The Resend button allows you to resend the same phishing email.

Phishing Reporter

This section provides details of target users who reported phishing emails using the phishing reporter add-in.

Additional information on the Phishing Reporter is available here.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Scenario Name

Name of the phishing scenario that the user reported.

Last Reported

Date and time when a user reported the phishing email using the phishing reporter add-in.

Times Reported

Number of times that a user reported the phishing email using the phishing reporter add-in.

Action

The Resend button allows you to resend the same phishing email.

The Details option shows the date and time a user opened the phishing email, the user agent, browser information, geolocation, IP information, and other information.

Sending Report

This section provides a summary report of the delivery of the phishing email to the target users.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Scenario Name

Name of the phishing scenario that is sent to user

Email Delivery

Which SMTP is used to deliver the simulation emails to the users.

Date Sent

The last date and time that the email has been sent to target user.

Delivery Status

Status of the phishing email sent to the target user

  • In Queue = The phishing email is in the queue to be sent.

  • Successful = The phishing email was sent successfully.

  • Error = An error occurred in the delivery of the phishing email.

  • Cancelled = This user was eliminated as a target for this phishing campaign.

Action

The Resend button allows you to resend the same phishing email. The Details button allows you to see the email delivery details.

Tutorial Video

This tutorial describes the basic functionalities of phishing campaign reports which you can find in the Campaign Reports menu.

FAQ

Q: Can I download a phishing scenario report?

A: Yes. You can download a report that provides details of the campaign by clicking on the Download Report button.

Q: Can I change the content of the report of the phishing scenario?

A: No. The information in the report cannot be changed.

Q: Can I resend the scenario to users who did not open the email?

A: Yes. The resend function allows you to send the phishing scenario to any user you select.

Q: Can I check on the status of the campaign?

A: Yes. The Sending Report option provides you with a view of the current activity of the phishing scenario.

Q: Can I import reports into my own reporting tool (e.g., Qlik Sense, Tableau, PowerBI)?

A: Yes. You can transfer all of our reports through an API, enabling you to use the information as needed to suit your business. Additional information on APIs is available here.

Q: What are the differences between the Only Opened Emails, Only Clicked Links vs Opened Emails and Clicked Links tabs in the downloaded excel report?

A: The differences are explained below.

  • "Only Opened Emails" will show the users who only opened the email and didn't go further, such as clicking the link.

  • "Only Clicked Links" will show the users who opened the email and then clicked the link and didn't go further, such as data submission.

  • "Opened Emails" will show the users who opened emails. It doesn't matter if user clicked the link or submitted any data.

  • "Clicked Links" will show the users who opened and then clicked the link. It doesn't matter if the user submitted any data.

Q: How do you determine if a "user agent" belongs to a sandbox or a real email user?

A: Please see below how the Sandbox Activity Detection feature works to identify false positive clicks.

  1. Rule 1: User Agent Signatures: We have a list of 10+ sandbox user agent patterns. If a user action matches these, it's flagged as sandbox activity.

  2. Rule 2: Honeypot Link: We embed invisible "Honeypot" links in our emails. While humans can't see or click them, sandboxes often access them, revealing their presence.

  3. Rule 3: Request Header Analysis: By examining request headers, we can identify unique characteristics that differentiate sandbox activities from real user actions.

PreviousPhishing Campaign ManagerNextSettings

Last updated

Copyright © Keepnet Labs LTD. All rights reserved.