LogoLogo
Get Demo
  • 💫NEXT-GENERATION PRODUCT
    • Introduction
    • Getting Started
      • 1. Invite System Users
      • 2. Add Target Users
        • Add Users via CSV
        • Add users via SCIM
          • SCIM Setup in Azure AD
          • SCIM Setup in Okta
          • SCIM Setup in Onelogin
          • SCIM Setup in Jumpcloud
        • Add users via LDAP
        • Add Users via API
      • 3. Email Deliverability
        • Microsoft 365
          • M365: Direct Email Creation
          • M365: Whitelisting
        • Google Workspace
          • Google: Direct Email Creation
          • Google: Whitelisting
        • Exchange 2013 and 2016
      • 4. Track Opened Emails
      • 5. Allow Phishing URLs
        • Whitelist for Office 365
        • Whitelist for Google Workspace
        • Whitelist for Exchange 2013/2016
        • Whitelist in Security Solutions
      • 6. Setup Phishing Reporter
        • Step 1. Download Phishing Reporter
        • Step 2. Deploy Phishing Reporter
          • How to Deploy Add-In in Microsoft 365
          • How to Deploy Add-In in Exchange Admin Center
          • How to Deploy Add-In in Google Workspace
          • How to Deploy Add-In in Outlook
            • Troubleshooting Phishing Reporter Add-In on Outlook Desktop
      • 7. Incident Responder Setup
        • Step 1. Integrate Threat Intel Partners
        • Step 2. Mail Configurations
          • Microsoft 365
          • Google Workspace (Gsuite)
          • Exchange (EWS)
    • Platform
      • Dashboard
        • Dashboard Widgets
        • Incident Responder Widgets
        • Threat Sharing Widgets
        • Phishing Simulator Widgets
      • Threat Intelligence
      • Email Threat Simulator
        • Start Scan
        • View Scan Report
        • Create Trusted Account on Exchange
        • Start Scan on O365 Email Account
        • Start Scan on Google Workspace Email Account
      • Threat Sharing
        • Communities
        • Incidents
      • Phishing Simulator
        • Manage Phishing Scenarios
          • Phishing Scenarios
          • Email Templates
          • Landing Pages
        • Phishing Campaign Manager
        • Phishing Campaign Reports
        • Settings
          • DNS Services and Domains
          • Exclude IP Address
      • Callback Simulator
        • Manage Callback Scenarios
          • Callback Scenarios
          • Callback Email Templates
          • Callback Templates
        • Callback Campaign Manager
        • Callback Campaign Reports
        • Settings
          • Callback Phone Numbers
      • Vishing Simulator
        • Vishing Templates
        • Vishing Campaign Manager
        • Vishing Campaign Reports
      • Smishing Simulator
        • Manage Smishing Scenarios
          • Smishing Scenarios
          • Text Message Templates
          • Landing Page Templates
        • Smishing Campaign Manager
        • Smishing Campaign Reports
        • Settings
          • Manage DNS and Domains
          • Exclude IP Addresses
      • Quishing Simulator
        • Manage Quishing Scenarios
          • Quishing Scenarios
          • Quishing Templates
          • Quishing Landing Page Templates
        • Quishing Campaign Manager
        • Quishing Campaign Reports
        • Settings
          • DNS and Domains
          • Excluding IP Address
      • Awareness Educator
        • Training Library
        • Enrollments
        • Certificates
        • Training Reports
        • Training Completion Queries
      • Incident Responder
        • Incident Responder Dashboard
        • Investigations
        • Integrations
        • Playbook
        • Mail Configurations
          • Microsoft 365
          • Exchange
          • Google Workspace
        • Cross Company Integration
      • Phishing Reporter
        • Phishing Reporter Customization
        • Phishing Reporter Deployment
          • How to Deploy the Add-in in Microsoft 365
          • Phishing Reporter Page View Failure Due to Deprecated Exchange Online Tokens
          • Microsoft Ribbon Phishing Reporter
          • How to Deploy the Add-in in Exchange Admin Center
          • How to Deploy the Add-in in Google Workspace
          • Phishing Reporter Announcement Email Template
        • Diagnostic Tool
        • Integrating Microsoft Phishing Reporting Button with Keepnet
        • Troubleshooting Phishing Reporter on Outlook Desktop
      • Reports
        • Advanced Reports
        • Executive Reports
        • Scheduled Reports
        • Gamification Report
      • Company
        • Target Users
        • Companies
          • Company Groups
        • Company Settings
          • Privacy
            • Account Privacy
            • Data Privacy
          • AI Ally Settings
          • SMTP Settings
          • Direct Email Creation
            • Direct Email Creation for Google Workspace
            • Direct Email Creation for Microsoft 365
          • Notification Templates
          • Google User Provisioning
          • REST API
          • White Labeling
          • Proxy Settings
          • SAML Settings
            • How to Configure SAML on ADFS
            • How to Configure SAML on Google Workspace
            • How to Configure SAML on Azure AD
            • How to Configure SAML on CyberArk
            • How to Configure SAML on Okta
          • SCIM Settings
            • Getting Started with SCIM
            • Azure AD SCIM Integration
            • Okta SCIM Integration
            • Onelogin SCIM Integration
            • Jumpcloud SCIM Integration
          • SIEM Integrations
            • Splunk Integration
            • Syslog Integration
          • LDAP
          • Allowed Domains
        • System Users
          • People
          • Roles
        • Audit Log
        • Job Log
      • Free Phishing Email Analysis Service
    • Miscellaneous
      • Whitelisting
        • How to Whitelist an IP Address in Office 365
        • How to Whitelist an IP Address in Exchange 2013 and 2016
        • How to Whitelist an IP Address in Google Workspace
        • How to Whitelist in Mimecast
        • Whitelisting in Other Security Solutions
        • Whitelisting the Pictures on Microsoft Outlook Apps
        • Keepnet Tools Whitelisting Guidelines
        • Understanding Email Delivery Errors
        • Tracking Email Opens in Phishing Simulations
      • User Profile
      • Multi-Factor Authentication (MFA) Settings
      • On-Premise Requirement Checker
      • Platform Requirements
        • Portal UI Requirements
        • Phishing Reporter Requirements
        • Diagnostic Tool Requirements
      • Maintenance Tool
      • Understanding the Preferred Language Setting
  • 📚RESOURCES
    • Platform Security
    • Volume & Performance
    • Customer Help Desk
    • Product Update/Maintenance
    • Research Methodology
    • Release Notes
      • 2025
      • 2024
      • 2023
      • 2022
      • 2021
      • 2020
  • ⚖️Legal Hub
    • For Customers
      • Customer Terms of Service
      • Product Specific Terms
      • Jurisdiction Specific Terms
      • Data Processing Agreement
      • Regional Data Hosting Policy
      • Product and Services Catalog
      • Acceptable Use Policy
      • Keepnet Security Program
      • Microsoft CoPilot Usage Policy
    • For Everyone
      • Website
        • Terms of Use
        • Privacy Policy
        • Cookie Policy
      • Free Phishing Email Analysis
        • Terms of Service
        • Privacy Policy
      • Transparency Report
Powered by GitBook

Copyright © Keepnet Labs LTD. All rights reserved.

On this page
  • View Report Details
  • Summary
  • Campaign Info
  • Email Delivery
  • Quishing Scenarios
  • Top Menus
  • Opened
  • Scanned QR Link
  • Submitted Data
  • No Response
  • Reporters
  • Sending Report
  • Understanding Bot Activity vs. Human Activity in Reports
  • Video Tutorial

Was this helpful?

Export as PDF
  1. NEXT-GENERATION PRODUCT
  2. Platform
  3. Quishing Simulator

Quishing Campaign Reports

PreviousQuishing Campaign ManagerNextSettings

Last updated 12 hours ago

Was this helpful?

This section describes the basic functionalities of quishing campaign reports, which you can find from the Quishing Simulator > menu.

View Report Details

To view the details of a quishing campaign report, navigate to the Quishing Simulator > Campaign Manager menu. Then, select the Instance button for the campaign you want to review, and click on Action followed by View Report.

Summary

The Summary provides a brief synopsis of the quishing scenario and options for further action.

Download Report

A .xlsx format version of the quishing scenario report is available for download by clicking the Download Report button.

Resend Campaign

Resend the quishing scenario to the same target user group with the same settings by clicking the Resend Campaign button.

Summary Widgets

This section provides the opportunity to display the results of the campaign in a useful pie chart presentation.

No Response

The number and percentage of target users who did not take any action in response to the quishing email.

Opened Email

The number and percentage of target users who opened the quishing email

Scanned QR Link

The number of target users who scanned the QR code in the simulation email.

Submitted Data

The number of target users who scanned the QR code and then submitted their credentials on the HTML page.

Campaign Info

Target Group

The total number of target groups that are enrolled in the quishing campaign email.

Target Users

The total number of users selected to receive the quishing campaign email.

Languages

Language used in the quishing scenario.

Campaign Lifetime

The date and time the quishing campaign will be terminated. No additional data will be processed in the quishing report after the expired date.

Duration

The number of days that the campaign will stay active.

Email Delivery

Delivery Start - End

The date and time the campaign was started and was/will be ended to complete sending the email to all selected users.

Duration

It shows how long it took to send the campaign email to all selected users.

Delivery Status

Quishing Scenarios

Scenario Info

This section displays general information about the content of the quishing scenario. If you selected multiple scenarios, you can switch between them to preview.

Name

Name of the quishing scenario.

Method

Quishing scenarios can be created in one of several forms.

Data Submit = Designed to detect target users who scan the QR code and submit data on the landing page.

Click-Only = Designed to detect users who scan the QR code and open the link.

Difficulty

Difficulty level of the quishing scenario (easy, medium, hard)

Language

Language used in the quishing scenario.

Email that will be sent to users

This section displays details of the sender’s name, the difficulty level, and the quishing scenario type sent to the target users.

You can preview the email template design of the quishing scenario sent to the target users by clicking on the Preview button.

Landing Page for Users Who Clicked on the QR Code Link

The URL, difficulty level, and scenario type of the landing page content of the quishing scenario sent to the target users are displayed here.

You can preview the landing page design of the quishing scenario sent to the target users by clicking on the Preview button.

Top Menus

Opened

This section displays the information of the target users who opened the quishing scenario email.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Scenario Name

Name of the quishing scenario that is sent to user

Last Opened

Date and time a target user last opened the quishing email

Times Opened

Number of times a target user opened the quishing email

Action

The Resend button allows you to resend the same quishing email.

The Details option shows the date and time a user opened the quishing email, the user agent, browser information, geolocation, IP information, and other information.

Scanned QR Link

This section provides details of the target users who scanned the QR code and opened the quishing link.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Scenario Name

Name of the quishing scenario that is sent to user

Last Clicked

Date and time the user last clicked on the URL in the quishing email

Times Clicked

Number of times the user scanned the QR code and opened the quishing link.

Action

The Resend button allows you to resend the same quishing email.

The Details option shows the date and time a user opened the quishing email, the user agent, browser information, geolocation, IP information, and other information.

Submitted Data

This section displays details of a target user who submitted data on the landing page of the quishing scenario.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Password Complexity

Complexity level of the password submitted on the landing page of the quishing email. (very weak, weak, medium, strong, very strong)

TIP: The platform only captures the length and the first character of a password.

Scenario Name

Name of the quishing scenario that is sent to user

Last Submission

Date and time that the user last submitted data on the landing page of the quishing scenario

Times Submitted

Number of times that the target user submitted data on the landing page of the quishing scenario

Action

The Resend button allows you to resend the same quishing email.

The Details option shows the date and time a user opened the quishing email, the user agent, browser information, geolocation, IP information, and other information.

No Response

This section displays the details of target users who did not take any action in response to the quishing email.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Scenario Name

Name of the quishing scenario that is sent to user

Last Send Date

Date and time that the quishing email was sent to the target user

Action

The Resend button allows you to resend the same quishing email.

Reporters

This section provides details of target users who reported quishing emails using the phishing reporter add-in.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Scenario Name

Name of the quishing scenario that the user reported.

Last Reported

Date and time when a user reported the quishing email using the phishing reporter add-in.

Times Reported

Number of times that a user reported the quishing email using the phishing reporter add-in.

Action

The Resend button allows you to resend the same quishing email.

The Details option shows the date and time a user opened the quishing email, the user agent, browser information, geolocation, IP information, and other information.

Sending Report

This section provides a summary report of the delivery of the quishing email to the target users.

First Name

First name of the target user

Last Name

Last name of the target user

Email Address

Email address of the target user

Department

Department of the target user

Scenario Name

Name of the quishing scenario that is sent to user

Last Send Date

Status of the quishing email sent to the target user

In Queue = The quishing email is in the queue to be sent.

Successful = The quishing email was sent successfully.

Error = An error occurred in the delivery of the quishing email.

Cancelled = This user was eliminated as a target for this quishing campaign.

Times Reported

Number of times that a user reported the quishing email using the phishing reporter add-in.

Action

The Resend button allows you to resend the same quishing email.

Understanding Bot Activity vs. Human Activity in Reports

In quishing campaign reports, Human Activity refers to real actions taken by users, such as opening emails, clicking quishing links, or submitting data. In contrast, Bot Activity represents automated interactions triggered by email security systems, spam filters, or sandboxing tools. These bots scan emails and follow links as part of their protective duties—sometimes even before users see the message.

Bot activity may appear in both Opened and Scanned QR Link sections of the report. For example, if a security system opens an email to analyze it, or clicks a link to test the destination, these actions may be captured and flagged as bot interactions.

To ensure accurate reporting, the platform automatically detects and labels such activity based on predefined detection rules. Any record classified as Bot Activity will carry a special tag and can be excluded from the view by clicking the “Hide Bot Activity” button. Admins can also hover over the info (ⓘ) icon in the Activity Type column to see which rule was triggered.

The detection rules are:

  • A1 – Unusual User-Agent Interacted: Triggered when an atypical or suspicious user-agent (browser identifier) is detected.

  • A2 – Honeypot Link Reused: The hidden quishing link inside of the email clicked multiple times by the same IP and user-agent within 5 minutes—indicating automation.

  • A3 – Same-Second Activity Spike: Multiple activities occurred at the exact same time, which is unlikely for human users.

  • A4 – Stop Bot Activity Challenge Failed:

    • A4.1 – The quishing phishing link was clicked, but the invisible browser javascript challenge was not passed.

    • A4.2 – The browser failed to load required scripts that a real user’s browser would normally execute.

If customers see several entries marked as Bot Activity, it typically means that their security tools pre-screened the quishing simulation links. To evaluate real user behavior, they should filter the report by Activity Type or use the “Hide Bot Activity” toggle. For better accuracy in future simulations, they may consider whitelisting Keepnet domains to reduce interference from automated systems.

By filtering out bot noise, organizations gain a clearer understanding of true user actions and risk levels.

Video Tutorial

This tutorial describes the basic functionalities of quishing campaign reports.

Out of the total number of chosen users, it displays how many of them successfully received the campaign email and how many did not. Please go to menu to see more information.

Additional information on the Phishing Reporter is available .

💫
here
Sending Report
Campaign Manager