Phishing Awareness Training

Owned by Matthew Sywulak
Last updated: Oct 20, 2023 by Matthew Sywulak
3 min read

Summary

If your organization utilizes a Phishing Awareness Training Platform, you have the option to control how INKY behaves with your simulated phishing campaigns. You can select your desired platform under the Phishing Awareness Training Platforms section within the Advanced Config tab of your INKY admin console.

 

Setting

  1. Navigate to your INKY Dashboard

  2. Select Settings then Phishing Awareness Training

You have the ability to specify the Banner type for these simulation emails.

 

*Note: If you would like simulation messages to receive normal INKY results, just leave this section blank.

 

Banner Customization

 

No Special Treatment

Messages are analyzed and bannered according to INKY’s default behavior. There are no bypasses in place - this option has the same effect as not selecting any platform.

Neutral

This option is the default setting. Messages will display a grey neutral banner without any threat categories.

Caution (Yellow) and Danger (Red)

If INKY didn’t find any naturally occurring results (e.g “Phishing Content” or a red “Misleading Link”), the message will be labeled with a new threat category “Potential Phish”. This is intended to resemble a legitimate phishing warning so the end user doesn’t discover the message is a test.

 

 

Bypass Link Rewriting For All Links In Simulated Phishing Messages

If this option is selected, all links in simulated phishing messages will not be rewritten by INKY.

Keep In Mind: This option may also make phishing tests somewhat obvious to end-users if the only links without rewritten links are simulations.

 


Always deliver simulated phishing messages to the user’s inbox (only applies if INKY’s Delivery Settings are enabled)

This option overrides any mailbox delivery settings and forces messages with a caution or danger banner to the recipient’s inbox. Normally, if delivery settings are enabled, messages marked as dangerous or spam would be delivered to quarantine or junk folder.

Keep In Mind: This may make phishing tests somewhat obvious if the only red-bannered messages reaching the inbox are simulations.

 

Do not attach raw messages to reports for simulated phishing messages

This option is helpful to avoid false link clicks being reported. Some INKY customers have their message reports sent to ticketing systems which scan the links making it appear as if a user had clicked on the simulated phishing email links

 

Send email notifications to different addresses when users report simulated phishing messages

This option can be used by those who don’t want end user reports of simulated phishing messages going into their SOC queue which they may have specified as the address to receive reported messages. By checking the checkbox and leaving the email address field empty it will stop notifications from being sent to anyone.

 

When making any changes to the Settings page, please ensure that you scroll to the bottom and click on the Save Changes button.