Engage - SAFE Phish Overview

This article gives an overview of Engage SAFE Phish functionality and is intended for End Users and Administrators.

Introduction

Mimecast SAFE Phish turns real-time, de-weaponized phishing attacks into training exercises for your organization to utilize and incorporate into their habits and behavior. This means your users are exposed to real threats in a safe environment, where they can challenge, analyze, and investigate a scenario and why it is deemed a threat.

Benefits

SAFE Phish benefits include:

• ​​​​​Capturing real-life phishing attacks and transforming them into productive training exercises that:
  • Demonstrate the specific attacks your organization experiences.
  • Trains your users to be proactive in their approach to them.
• Ensuring your most targeted and at-risk users are supported and well equipped to deal with future potential attacks.
• Allowing your organization to transform the way user and organization risk is measured.

Understanding SAFE Phish

If you have Targeted Threat Protection - URL Protect configured, URLs are rewritten at the gateway by Mimecast before they reach a user’s inbox. and this negates the threat.

When a user opens a phishing email and clicks on the rewritten URL:

1. The TTP block page displays a warning message alerting the user of a potential risk.
2. The user’s poor URL click is reflected in the Mimecast SAFE Score User Risk. User Risk is visible in Program Overview.
3. Simultaneously, the SAFE Score is updated and the original email is added to Engage, so that the Real Phishing Attack templates can be converted into custom Phishing Translated Templates. ​See Creating Templates From URL Protection Clicks for information on how to easily turn de-weaponized phishing attacks that specifically targeted your organization into custom Engage phishing translated templates to send as phishing simulations.