Proofpoint: Reporting Simulated Phish

Question

How are simulated phishing attacks reported?

Answer

Proofpoint Security Awareness offers three different methods for reporting a simulated phishing attack sent by Phishing.

  1. PhishAlarm - The easiest method is for an end user to report a phish using the PhishAlarm Add-In. If the user does not have PhishAlarm there are two other methods described below.
  2. Toggle Option - A Phishing Administrator has the ability to mark a user as having reported the simulated phish within a campaign. To do this:
    1. Under Tools, click Security Awareness, followed by Launch Platform
    2. Navigate to Phishing
    3. Select Active Campaigns
    4. Click on the Campaign Name in the All Campaign History table
    5. Click in the Users tab to see a list of users in the campaign
    6. Locate the user who reported the phish
    7. Under Reported, click the Yes toggle button.

Note:  Please be aware that once the user is marked as YES, you cannot revert back to NO.


  3. Forward the simulated phish to reports@phishbucket.com - Simulated phish may be forwarded to reports@phishbucket.com (US Customers) or reports@eu.phishbucket.com (EU Customers) in order for users to be marked as having reported the simulated phish. This option is not available for users accessing Phishing Simulation on our AsiaPacific (AP) platform.

To better explain the process, see the steps below:

  1. Your end user notices something phishy about the email
  2. The user forwards the suspicious email to the security group, help desk, the security administrator, etc. 
  3. The Phishing administrator creates a rule in Microsoft Outlook or on your mail server, ticketing system, etc. that automatically forwards the individual emails to reports@phishbucket.com (US) or reports@eu.phishbucket.com (EU). This can be completely automated if you create a rule that searches for any of our domains or keywords you use in your campaign. 
  4. Results appear in your Campaign Overview and Users tabs, as well as on the dashboard.

Note: The user TARGETED with the phishing email will be marked as the user who reported the phish, and not necessarily the person who actually forwarded it to reports@phishbucket.com. For example, if John received the phishing email and forwarded it to Nathalie because he thought Nathalie might be interested in the email, and then Nathalie realized it was a phishing attack and forwarded it to reports@phishbucket.com, John would be marked as reporting the phish and NOT Nathalie.

Manually toggling the reported metric is only available while the campaign is in its data collection period.
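The automated rule from step 3 of the forwarding process can be sketched as follows. This is an added example, not Proofpoint code: the campaign domains, keyword and sample messages are constructed placeholders. It shows why the rule has to search the forwarded body and any attached original, since the outer From header is the employee who forwarded the message to the help desk.

```python
import re
from email import message_from_bytes, policy

# Assumptions (placeholders, not Proofpoint values): your campaign domains and keywords.
CAMPAIGN_DOMAINS = {"sim-campaign.example", "payroll-update.example"}
CAMPAIGN_KEYWORDS = {"q3 benefits enrollment"}
# Reporting addresses as given in the article; the AP platform has no forwarding option.
REPORT_ADDRESS = {"US": "reports@phishbucket.com", "EU": "reports@eu.phishbucket.com"}
HOST_RE = re.compile(r"(?:https?://|@)([a-z0-9.-]+\.[a-z]{2,})")

# Constructed sample: a user's inline forward to the help desk, and an unrelated ticket.
SAMPLE_FORWARD = (b"From: john@corp.example\r\nTo: helpdesk@corp.example\r\n"
                  b"Subject: FW: Action required\r\n\r\nLooks odd.\r\n"
                  b"-----Original Message-----\r\nFrom: IT <it@sim-campaign.example>\r\n"
                  b"Click https://login.sim-campaign.example/reset\r\n")
SAMPLE_BENIGN = (b"From: amy@corp.example\r\nTo: helpdesk@corp.example\r\n"
                 b"Subject: printer\r\n\r\nThe printer on floor 2 is jammed.\r\n")

def _texts(msg):
    """Yield header and body text from the message and any attached original."""
    for part in msg.walk():  # walk() also descends into message/rfc822 attachments
        for name in ("From", "Reply-To", "Subject"):
            if part[name]:
                yield str(part[name])
        if part.get_content_maintype() == "text":
            yield part.get_content()

def is_simulated_phish(raw: bytes) -> bool:
    """True if any campaign domain (or a subdomain of it) or keyword appears."""
    msg = message_from_bytes(raw, policy=policy.default)
    blob = "\n".join(_texts(msg)).lower()
    hosts = {h.rstrip(".") for h in HOST_RE.findall(blob)}
    domain_hit = any(h == d or h.endswith("." + d)
                     for h in hosts for d in CAMPAIGN_DOMAINS)
    return domain_hit or any(k in blob for k in CAMPAIGN_KEYWORDS)

def route_report(raw: bytes, region: str):
    """Return the address to auto-forward to, or None to leave for manual triage."""
    if region not in REPORT_ADDRESS:
        raise ValueError(f"no forwarding address for region {region!r}")
    return REPORT_ADDRESS[region] if is_simulated_phish(raw) else None
```

Messages that return None stay in the help desk queue for normal triage, so a real phish is never silently routed to the simulation mailbox.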

  1. Carlos Rios
