Phishing Campaign Reports

This section describes the basic functionalities of phishing campaign reports, which you can find from the Phishing Simulator > Campaign Manager and click the Instances button to access the reports of the phishing campaign.

Once you go inside the Instances of a campaign, you will see reports for that campaign; click on the View Report button under the Actions column to access the phishing campaign report.

View Report Details

In a campaign report, there are many sub-menus that provide valuable statistics about your phishing campaign. Here are the following menus on a campaign report:

Summary

The Summary provides a brief synopsis of the phishing scenario and options for further action.

Download Report

An .xls format version of the phishing scenario report is available for download by clicking the Download Report button.

Resend Campaign

Resend the phishing scenario to the same target user group with the same settings by clicking the Resend Campaign button.

Summary Widgets

This section provides the opportunity to display the results of the campaign in a useful pie chart presentation.

Opened Email

The number and percentage of target users who opened the phishing email

Clicked Email

The number and percentage of target users who clicked on the URL in the phishing email.

Submitted Data

The number and percentage of target users who submitted data on the landing page of the phishing scenario.

Opened Attachment

The number and percentage of target users who opened the attachment file.

Phishing Reporters

The number and percentage of target users who reported the simulated phishing email by using the platform's suspicious email reporter add-in.

No Response

The number and percentage of target users who did not take any action in response to the phishing e-mail.

Campaign Info

Target Groups

The total number of target groups selected for the phishing campaign.

Hyper-Personalization

With the 'Preferred Language' option, users will receive scenarios in their preferred language. Those without a preferred language will receive scenarios in the company's default language.

Smart Grouping

If enabled, users who fail at the phishing campaign are automatically added to the selected target group.

Target Users

The total number of users selected to receive the phishing campaign email.

Campaign Lifetime

The date and time the phishing campaign will be terminated. No additional data will be processed in the phishing report after the expired date.

Languages

Language used in the phishing scenario.

Scenario Distribution

Scenario Info

Number of Categories

The number of categories of selected scenarios.

Languages

The number of languages of selected scenarios.

Method

The list of methods of selected scenarios.

Difficulty

The difficulty levels of selected scenarios.

Email Delivery

Delivery Start - End

The date and time the campaign was started and was/will be ended to complete sending the email to all selected users.

Duration

It shows how long it took to send the campaign email to all selected users.

Delivery Status

Phishing Scenarios

This section displays general information about the content of the phishing scenario. If you selected multiple scenarios, you can switch between them to preview.

Name

Name of the phishing scenario.

Method

Phishing scenarios can be created in one of several forms.

Data Submit = Designed to detect target users who submit data on the landing page.
Attachment = Designed to detect users who open the attached file by opening the file attachment in the e-mail.
Click-Only = Designed to detect users who click on the phishing link in the email.

Difficulty

Difficulty level of the phishing scenario (easy, medium, hard)

Language

Language used in the phishing scenario.

Email that will be sent to users

This section displays details of the sender’s name, the difficulty level, and the phishing scenario type sent to the target users.

You can preview the email template design of the phishing scenario sent to the target users by clicking on the Preview button.

Landing Page for Users Who Clicked on the Phishing Link

The URL, difficulty level, and scenario type of the landing page content of the phishing scenario sent to the target users are displayed here.

You can preview the landing page design of the phishing scenario sent to the target users by clicking on the Preview button.

Opened

This section displays the information of the target users who opened the phishing scenario email.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Preferred Language

User's preferred language that is set from the Target Users menu.

Scenario Name

Name of the phishing scenario that is sent to user

Last Opened

Date and time a target user last opened the phishing email

Times Opened

Number of times a target user opened the phishing email

Hide Sandbox Activity

If a sandbox solution has analyzed the simulated phishing email that is generated for the target user, you can choose to show or hide this false positive information in the menu.

Activity Type

List the human or sandbox activities by using one of the following options.

Human Activity: The human has opened the simulated phishing email.
Sandbox Activity: The sandbox solutions have opened the simulated phishing email.

Action

The Resend button allows you to resend the same phishing email.

The Details option shows the date and time a user opened the phishing email, the user agent, browser information, geolocation, IP information, and other information.

Clicked

This section provides details of the target users who clicked on the phishing link.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Preferred Language

User's preferred language that is set from the Target Users menu.

Scenario Name

Name of the phishing scenario that is sent to user

Last Clicked

Date and time the user last clicked on the URL in the phishing email

Times Clicked

Number of times the user clicked on the phishing link

Hide Sandbox Activity

If a sandbox solution has analyzed the simulated phishing email that is generated for the target user, you can choose to show or hide this false positive information in the menu.

Activity Type

List the human or sandbox activities by using one of the following options.

Human Activity: The human has clicked the simulated phishing link.
Sandbox Activity: The sandbox solutions have clicked the simulated phishing link.

Action

The Resend button allows you to resend the same phishing email.

The Details option shows the date and time a user opened the phishing email, the user agent, browser information, geolocation, IP information, and other information.

Submitted Data

This section displays details of a target user who submitted data on the landing page of the phishing scenario.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Preferred Language

User's preferred language that is set from the Target Users menu.

Password Complexity

Complexity level of the password submitted on the landing page of the phishing email. (very weak, weak, medium, strong, very strong)

Scenario Name

Name of the phishing scenario that is sent to user

Last Submission

Date and time that the user last submitted data on the landing page of the phishing scenario

Times Submitted

Number of times that the target user submitted data on the landing page of the phishing scenario

Action

The Resend button allows you to resend the same phishing email.

The Details option shows the date and time a user opened the phishing email, the user agent, browser information, geolocation, IP information, and other information.

Opened Attachment

This section displays the details of a target user who opened the attachment file.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Preferred Language

User's preferred language that is set from the Target Users menu.

Scenario Name

Name of the phishing scenario that is sent to user

Last Opened

Date and time that the user last opened the attachment file

Times Opened

Number of times that the target user opened the attached file

Action

The Resend button allows you to resend the same phishing email.

The Details option shows the date and time a user opened the phishing email, the user agent, browser information, geolocation, IP information, and other information.

No Response

This section displays the details of target users who did not take any action in response to the phishing email.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Preferred Language

User's preferred language that is set from the Target Users menu.

Scenario Name

Name of the phishing scenario that is sent to user

Last Send Date

Date and time that the phishing email was sent to the target user

Action

The Resend button allows you to resend the same phishing email.

Phishing Reporter

This section provides details of target users who reported phishing emails using the phishing reporter add-in.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Preferred Language

User's preferred language that is set from the Target Users menu.

Scenario Name

Name of the phishing scenario that the user reported.

Last Reported

Date and time when a user reported the phishing email using the phishing reporter add-in.

Times Reported

Number of times that a user reported the phishing email using the phishing reporter add-in.

Action

The Resend button allows you to resend the same phishing email.

The Details option shows the date and time a user opened the phishing email, the user agent, browser information, geolocation, IP information, and other information.

Sending Report

This section provides a summary report of the delivery of the phishing email to the target users.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Preferred Language

User's preferred language that is set from the Target Users menu.

Scenario Name

Name of the phishing scenario that is sent to user

Email Delivery

Which SMTP is used to deliver the simulation emails to the users.

Date Sent

The last date and time that the email has been sent to target user.

Delivery Status

Status of the phishing email sent to the target user

In Queue = The phishing email is in the queue to be sent.
Successful = The phishing email was sent successfully.
Error = An error occurred in the delivery of the phishing email.
Cancelled = This user was eliminated as a target for this phishing campaign.

Action

The Resend button allows you to resend the same phishing email. The Details button allows you to see the email delivery details.

How Password Complexity is Calculated

When a user submits a form containing a password field, we evaluate the password using a scoring system that determines how strong or weak it is. This score is based on the structure and patterns used in the password.

We do not store or receive full user passwords. Before the form is submitted:

Only the first character of the password is kept.
All remaining characters are replaced with asterisks (*), e.g. P********.

This ensures that no actual password is transmitted or stored, supporting both user privacy and compliance with security best practices.

Positive Scoring Factors

Feature

Scoring Logic

Description

Length

length * 4

Longer passwords score higher

Uppercase letters

(length - uppercaseCount) * 2

More uppercase letters (A–Z) = more points

Lowercase letters

(length - lowercaseCount) * 2

More lowercase letters (a–z) = more points

Numbers

count * 4

Numbers increase the score

Symbols

count * 6

Symbols (!@# etc.) give a strong boost

Middle numbers/symbols

count * 2

Placing numbers/symbols in the middle adds bonus

Meets requirements

# of types used * 2

Bonuses for using at least 3–4 character types

Negative Scoring Factors

Weak Pattern

Penalty Logic

Description

Only letters

-length

No digits or symbols = deduction

Only numbers

-length

No letters or symbols = deduction

Repeated characters

-variable penalty

Penalized based on how often characters repeat

Consecutive uppercase

-count * 2

Sequences like "AAA" are discouraged

Consecutive lowercase

-count * 2

Same logic as above with lowercase

Consecutive numbers

-count * 2

Same logic with digits

Sequential letters (abc)

-count * 3

Penalizes predictable patterns

Sequential numbers (123)

-count * 3

Sequential symbols (!@#)

-count * 3

Complexity Rating (Based on Score)

Score Range

Complexity Rating

Description

0–19

5 (Very Weak)

Needs major improvement

20–39

4 (Weak)

Below average

40–59

3 (Moderate)

Meets some standards

60–79

2 (Strong)

Good overall security

80–100

1 (Very Strong)

Excellent password

Thank you — here is the final version incorporating that bot activity may apply to both "Opened Email" and "Clicked Link" events, and still maintaining the correct documentation format with only one Heading 2 and one Subheading 3:

Understanding Bot Activity vs. Human Activity in Reports

In phishing campaign reports, Human Activity refers to real actions taken by users, such as opening emails, clicking links, or submitting data. In contrast, Bot Activity represents automated interactions triggered by email security systems, spam filters, or sandboxing tools. These bots scan emails and follow links as part of their protective duties—sometimes even before users see the message.

Bot activity may appear in both Opened Email and Clicked Link sections of the report. For example, if a security system opens an email to analyze it, or clicks a link to test the destination, these actions may be captured and flagged as bot interactions.

To ensure accurate reporting, the platform automatically detects and labels such activity based on predefined detection rules. Any record classified as Bot Activity will carry a special tag and can be excluded from the view by clicking the “Hide Bot Activity” button. Admins can also hover over the info (ⓘ) icon in the Activity Type column to see which rule was triggered.

The detection rules are:

A1 – Unusual User-Agent Interacted: Triggered when an atypical or suspicious user-agent (browser identifier) is detected.
A2 – Honeypot Link Reused: The hidden phishing link inside of the email clicked multiple times by the same IP and user-agent within 5 minutes—indicating automation.
A3 – Same-Second Activity Spike: Multiple activities occurred at the exact same time, which is unlikely for human users.
A4 – Stop Bot Activity Challenge Failed:
- A4.1 – The phishing link was clicked, but the invisible browser javascript challenge was not passed.
- A4.2 – The browser failed to load required scripts that a real user’s browser would normally execute.

If customers see several entries marked as Bot Activity, it typically means that their security tools pre-screened the phishing simulation links. To evaluate real user behavior, they should filter the report by Activity Type or use the “Hide Bot Activity” toggle. For better accuracy in future simulations, they may consider whitelisting Keepnet domains to reduce interference from automated systems.

By filtering out bot noise, organizations gain a clearer understanding of true user actions and risk levels.

Tutorial Video

This tutorial describes the basic functionalities of phishing campaign reports which you can find in the Campaign Reports menu.

FAQ

Q: Can I download a phishing scenario report?

A: Yes. You can download a report that provides details of the campaign by clicking on the Download Report button.

Q: Can I change the content of the report of the phishing scenario?

A: No. The information in the report cannot be changed.

Q: Can I resend the scenario to users who did not open the email?

A: Yes. The resend function allows you to send the phishing scenario to any user you select.

Q: Can I check on the status of the campaign?

A: Yes. The Sending Report option provides you with a view of the current activity of the phishing scenario.

Q: Can I import reports into my own reporting tool (e.g., Qlik Sense, Tableau, PowerBI)?

Q: What are the differences between the Only Opened Emails, Only Clicked Links vs Opened Emails and Clicked Links tabs in the downloaded excel report?

A: The differences are explained below.

"Only Opened Emails" will show the users who only opened the email and didn't go further, such as clicking the link.
"Only Clicked Links" will show the users who opened the email and then clicked the link and didn't go further, such as data submission.
"Opened Emails" will show the users who opened emails. It doesn't matter if user clicked the link or submitted any data.
"Clicked Links" will show the users who opened and then clicked the link. It doesn't matter if the user submitted any data.

Q: How do you determine if a "user agent" belongs to a sandbox or a real email user?

A: Please see below how the Sandbox Activity Detection feature works to identify false positive clicks.

Rule 1: User Agent Signatures: We have a list of 10+ sandbox user agent patterns. If a user action matches these, it's flagged as sandbox activity.
Rule 2: Honeypot Link: We embed invisible "Honeypot" links in our emails. While humans can't see or click them, sandboxes often access them, revealing their presence.
Rule 3: Request Header Analysis: By examining request headers, we can identify unique characteristics that differentiate sandbox activities from real user actions.

PreviousPhishing Campaign Manager NextSettings

Last updated 9 days ago

Was this helpful?

Phishing Campaign Reports

View Report Details

In a campaign report, there are many sub-menus that provide valuable statistics about your phishing campaign. Here are the following menus on a campaign report:

Summary

The Summary provides a brief synopsis of the phishing scenario and options for further action.

Download Report

An .xls format version of the phishing scenario report is available for download by clicking the Download Report button.

Resend Campaign

Resend the phishing scenario to the same target user group with the same settings by clicking the Resend Campaign button.

Summary Widgets

This section provides the opportunity to display the results of the campaign in a useful pie chart presentation.

Opened Email

The number and percentage of target users who opened the phishing email

Clicked Email

The number and percentage of target users who clicked on the URL in the phishing email.

Submitted Data

The number and percentage of target users who submitted data on the landing page of the phishing scenario.

Opened Attachment

The number and percentage of target users who opened the attachment file.

Phishing Reporters

The number and percentage of target users who reported the simulated phishing email by using the platform's suspicious email reporter add-in.

No Response

The number and percentage of target users who did not take any action in response to the phishing e-mail.

Campaign Info

Target Groups

The total number of target groups selected for the phishing campaign.

Hyper-Personalization

With the 'Preferred Language' option, users will receive scenarios in their preferred language. Those without a preferred language will receive scenarios in the company's default language.

Smart Grouping

If enabled, users who fail at the phishing campaign are automatically added to the selected target group.

Target Users

The total number of users selected to receive the phishing campaign email.

Campaign Lifetime

The date and time the phishing campaign will be terminated. No additional data will be processed in the phishing report after the expired date.

Languages

Language used in the phishing scenario.

Scenario Distribution

Shows which scenario distribution setting is used for the campaign. See more info about the scenario distribution feature .

Scenario Info

Number of Categories

The number of categories of selected scenarios.

Languages

The number of languages of selected scenarios.

Method

The list of methods of selected scenarios.

Difficulty

The difficulty levels of selected scenarios.

Email Delivery

Delivery Start - End

The date and time the campaign was started and was/will be ended to complete sending the email to all selected users.

Duration

It shows how long it took to send the campaign email to all selected users.

Delivery Status

Out of the total number of chosen users, it displays how many of them successfully received the campaign email and how many did not. Please go to menu to see more information.

Phishing Scenarios

This section displays general information about the content of the phishing scenario. If you selected multiple scenarios, you can switch between them to preview.

Name

Name of the phishing scenario.

Method

Phishing scenarios can be created in one of several forms.

Data Submit = Designed to detect target users who submit data on the landing page.
Attachment = Designed to detect users who open the attached file by opening the file attachment in the e-mail.
Click-Only = Designed to detect users who click on the phishing link in the email.

Difficulty

Difficulty level of the phishing scenario (easy, medium, hard)

Language

Language used in the phishing scenario.

Email that will be sent to users

This section displays details of the sender’s name, the difficulty level, and the phishing scenario type sent to the target users.

You can preview the email template design of the phishing scenario sent to the target users by clicking on the Preview button.

Landing Page for Users Who Clicked on the Phishing Link

The URL, difficulty level, and scenario type of the landing page content of the phishing scenario sent to the target users are displayed here.

You can preview the landing page design of the phishing scenario sent to the target users by clicking on the Preview button.

Opened

This section displays the information of the target users who opened the phishing scenario email.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Preferred Language

User's preferred language that is set from the Target Users menu.

Scenario Name

Name of the phishing scenario that is sent to user

Last Opened

Date and time a target user last opened the phishing email

Times Opened

Number of times a target user opened the phishing email

Hide Sandbox Activity

If a sandbox solution has analyzed the simulated phishing email that is generated for the target user, you can choose to show or hide this false positive information in the menu.

Activity Type

List the human or sandbox activities by using one of the following options.

Human Activity: The human has opened the simulated phishing email.
Sandbox Activity: The sandbox solutions have opened the simulated phishing email.

Action

The Resend button allows you to resend the same phishing email.

The Details option shows the date and time a user opened the phishing email, the user agent, browser information, geolocation, IP information, and other information.

Clicked

This section provides details of the target users who clicked on the phishing link.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Preferred Language

User's preferred language that is set from the Target Users menu.

Scenario Name

Name of the phishing scenario that is sent to user

Last Clicked

Date and time the user last clicked on the URL in the phishing email

Times Clicked

Number of times the user clicked on the phishing link

Hide Sandbox Activity

If a sandbox solution has analyzed the simulated phishing email that is generated for the target user, you can choose to show or hide this false positive information in the menu.

Activity Type

List the human or sandbox activities by using one of the following options.

Human Activity: The human has clicked the simulated phishing link.
Sandbox Activity: The sandbox solutions have clicked the simulated phishing link.

Action

The Resend button allows you to resend the same phishing email.

The Details option shows the date and time a user opened the phishing email, the user agent, browser information, geolocation, IP information, and other information.

Submitted Data

This section displays details of a target user who submitted data on the landing page of the phishing scenario.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Preferred Language

User's preferred language that is set from the Target Users menu.

Password Complexity

Complexity level of the password submitted on the landing page of the phishing email. (very weak, weak, medium, strong, very strong)

TIP: The platform only captures the length and the first character of a password. Click for more information.

Scenario Name

Name of the phishing scenario that is sent to user

Last Submission

Date and time that the user last submitted data on the landing page of the phishing scenario

Times Submitted

Number of times that the target user submitted data on the landing page of the phishing scenario

Action

The Resend button allows you to resend the same phishing email.

The Details option shows the date and time a user opened the phishing email, the user agent, browser information, geolocation, IP information, and other information.

Opened Attachment

This section displays the details of a target user who opened the attachment file.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Preferred Language

User's preferred language that is set from the Target Users menu.

Scenario Name

Name of the phishing scenario that is sent to user

Last Opened

Date and time that the user last opened the attachment file

Times Opened

Number of times that the target user opened the attached file

Action

The Resend button allows you to resend the same phishing email.

The Details option shows the date and time a user opened the phishing email, the user agent, browser information, geolocation, IP information, and other information.

No Response

This section displays the details of target users who did not take any action in response to the phishing email.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Preferred Language

User's preferred language that is set from the Target Users menu.

Scenario Name

Name of the phishing scenario that is sent to user

Last Send Date

Date and time that the phishing email was sent to the target user

Action

The Resend button allows you to resend the same phishing email.

Phishing Reporter

This section provides details of target users who reported phishing emails using the phishing reporter add-in.

Additional information on the Phishing Reporter is available .

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Preferred Language

User's preferred language that is set from the Target Users menu.

Scenario Name

Name of the phishing scenario that the user reported.

Last Reported

Date and time when a user reported the phishing email using the phishing reporter add-in.

Times Reported

Number of times that a user reported the phishing email using the phishing reporter add-in.

Action

The Resend button allows you to resend the same phishing email.

The Details option shows the date and time a user opened the phishing email, the user agent, browser information, geolocation, IP information, and other information.

Sending Report

This section provides a summary report of the delivery of the phishing email to the target users.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Preferred Language

User's preferred language that is set from the Target Users menu.

Scenario Name

Name of the phishing scenario that is sent to user

Email Delivery

Which SMTP is used to deliver the simulation emails to the users.

Date Sent

The last date and time that the email has been sent to target user.

Delivery Status

Status of the phishing email sent to the target user

In Queue = The phishing email is in the queue to be sent.
Successful = The phishing email was sent successfully.
Error = An error occurred in the delivery of the phishing email.
Cancelled = This user was eliminated as a target for this phishing campaign.

Action

The Resend button allows you to resend the same phishing email. The Details button allows you to see the email delivery details.

How Password Complexity is Calculated

We do not store or receive full user passwords. Before the form is submitted:

Only the first character of the password is kept.
All remaining characters are replaced with asterisks (*), e.g. P********.

This ensures that no actual password is transmitted or stored, supporting both user privacy and compliance with security best practices.

Positive Scoring Factors

Feature

Scoring Logic

Description

Length

length * 4

Longer passwords score higher

Uppercase letters

(length - uppercaseCount) * 2

More uppercase letters (A–Z) = more points

Lowercase letters

(length - lowercaseCount) * 2

More lowercase letters (a–z) = more points

Numbers

count * 4

Numbers increase the score

Symbols

count * 6

Symbols (!@# etc.) give a strong boost

Middle numbers/symbols

count * 2

Placing numbers/symbols in the middle adds bonus

Meets requirements

# of types used * 2

Bonuses for using at least 3–4 character types

Negative Scoring Factors

Weak Pattern

Penalty Logic

Description

Only letters

-length

No digits or symbols = deduction

Only numbers

-length

No letters or symbols = deduction

Repeated characters

-variable penalty

Penalized based on how often characters repeat

Consecutive uppercase

-count * 2

Sequences like "AAA" are discouraged

Consecutive lowercase

-count * 2

Same logic as above with lowercase

Consecutive numbers

-count * 2

Same logic with digits

Sequential letters (abc)

-count * 3

Penalizes predictable patterns

Sequential numbers (123)

-count * 3

Sequential symbols (!@#)

-count * 3

Complexity Rating (Based on Score)

Score Range

Complexity Rating

Description

0–19

5 (Very Weak)

Needs major improvement

20–39

4 (Weak)

Below average

40–59

3 (Moderate)

Meets some standards

60–79

2 (Strong)

Good overall security

80–100

1 (Very Strong)

Excellent password

Understanding Bot Activity vs. Human Activity in Reports

The detection rules are:

A1 – Unusual User-Agent Interacted: Triggered when an atypical or suspicious user-agent (browser identifier) is detected.
A2 – Honeypot Link Reused: The hidden phishing link inside of the email clicked multiple times by the same IP and user-agent within 5 minutes—indicating automation.
A3 – Same-Second Activity Spike: Multiple activities occurred at the exact same time, which is unlikely for human users.
A4 – Stop Bot Activity Challenge Failed:
- A4.1 – The phishing link was clicked, but the invisible browser javascript challenge was not passed.
- A4.2 – The browser failed to load required scripts that a real user’s browser would normally execute.

By filtering out bot noise, organizations gain a clearer understanding of true user actions and risk levels.

Tutorial Video

This tutorial describes the basic functionalities of phishing campaign reports which you can find in the Campaign Reports menu.

FAQ

Q: Can I download a phishing scenario report?

A: Yes. You can download a report that provides details of the campaign by clicking on the Download Report button.

Q: Can I change the content of the report of the phishing scenario?

A: No. The information in the report cannot be changed.

Q: Can I resend the scenario to users who did not open the email?

A: Yes. The resend function allows you to send the phishing scenario to any user you select.

Q: Can I check on the status of the campaign?

A: Yes. The Sending Report option provides you with a view of the current activity of the phishing scenario.

Q: Can I import reports into my own reporting tool (e.g., Qlik Sense, Tableau, PowerBI)?

A: Yes. You can transfer all of our reports through an API, enabling you to use the information as needed to suit your business. Additional information on APIs is available

Q: What are the differences between the Only Opened Emails, Only Clicked Links vs Opened Emails and Clicked Links tabs in the downloaded excel report?

A: The differences are explained below.

"Only Opened Emails" will show the users who only opened the email and didn't go further, such as clicking the link.
"Only Clicked Links" will show the users who opened the email and then clicked the link and didn't go further, such as data submission.
"Opened Emails" will show the users who opened emails. It doesn't matter if user clicked the link or submitted any data.
"Clicked Links" will show the users who opened and then clicked the link. It doesn't matter if the user submitted any data.

Q: How do you determine if a "user agent" belongs to a sandbox or a real email user?

A: Please see below how the Sandbox Activity Detection feature works to identify false positive clicks.

Rule 1: User Agent Signatures: We have a list of 10+ sandbox user agent patterns. If a user action matches these, it's flagged as sandbox activity.
Rule 2: Honeypot Link: We embed invisible "Honeypot" links in our emails. While humans can't see or click them, sandboxes often access them, revealing their presence.
Rule 3: Request Header Analysis: By examining request headers, we can identify unique characteristics that differentiate sandbox activities from real user actions.

PreviousPhishing Campaign Manager NextSettings

Last updated 9 days ago

Was this helpful?