If your users remain at Level 1 after several months of participating in the phishing simulation, there could be various reasons:
-
Your users may frequently fall for the simulated phishing scenarios, often clicking on links and opening attachments. To enhance security awareness, we recommend enabling the e-training modules. These trainings help your employees improve step by step. Additionally, ensure that all necessary whitelisting is configured correctly and that no third-party systems are automatically clicking links, as this could skew the results.
-
The most important aspect of the phishing simulation is reporting phishing emails. Users who successfully identify and report phishing emails progress through the simulation faster and receive more challenging phishing tests at higher levels. Participation in the simulation is still possible without this feature, but progress will be much slower. We highly recommend using the reporting function to speed up the learning process.
Setting up the Phishing Reporter
The following guides explain how to set up the Phishing Reporter:
- Setting up the Phishing Reporter in M365
- Setting up the Phishing Reporter on Local Exchange
How to report emails without the add-in
Users can forward suspicious emails as attachments to reportto@hornetsecurity.com. It's important to ensure that the email remains unchanged, including the original header. Emails with altered headers will not be included in the Employee Security Index (ESI®) calculation.
For more information, please refer to our guide: Reporting Emails Without the Add-in.
A guide for Outlook can be found here: How to report an email without the add-in.
Important notes:
- No feedback: You will not receive confirmation whether the reported email was part of the phishing simulation.
- Parallel use: Users can forward emails in addition to using the add-in.
To advance to higher levels more quickly, it is recommended to either set up the Phishing Reporter Add-in or forward emails to reportto@hornetsecurity.com.