Engage - Phishing Campaign Analytics

Updated

This article contains information on accessing and analyzing Engage Phishing Campaign analytics, exporting data, and creating user groups. It is intended for Administrators.

Metrics for Test Campaigns are not included in Phishing Campaign analytics.

Introduction

Once a Phishing Campaign is active (i.e. the start date has been reached) statistical data is collected on each user's participation.

Phishing Campaign Analytics

You can access the Phishing Campaign Analytics, by using the following steps:

  1. Log in to Engage.
  2. Select Phishing Training | Campaigns.
  3. Click on the Campaign Name to display analytics for the Phishing Campaign:
  • The Recipient Status pie chart displays the current aggregated statuses for the Phishing Campaign, namely what percentage of the total users sent the phishing campaign have clicked, opened, submitted, and reported.
    • The Clicked Status (All Campaigns) bar chart displays the click rate (%) of the current Phishing Campaign, versus all other phishing campaigns sent.
    • The Search Table allows you to search and filter the Campaign Analytics Details Table by name, email address, or department.

Campaign Analytics

If you add Custom Attribute columns, these will be added as additional searchable fields.

 

Custom Attributes

The Campaign Analytics Details Table contains the user level analytics related to the phishing campaign.

  • You can edit the columns displayed in the table by clicking on the cog icon image.png and using the checkboxes to show or hide the columns.

    Custom Attribute columns added will become searchable fields in Search Table.

    Customize columns

     

  • You can apply Status filters using checkboxes to show or hide the statuses (Sent, Opened, Submitted, Clicked, Reported).

    Filter

The Campaign Analytics Details Table contains the following information about each user participating in the Phishing Campaign:

Field / Option Description

Name

Displays the user's name.

Email Address

Displays the user's email address.

Department

Displays the user's department.

Status

Indicates the end-state related to this Phishing Campaign. Possible status options are:

  • Sent: The user has received the phishing campaign but has not opened the message.

  • Opened: The user has opened the message but has not clicked on the phishing campaign link.

This status is based on a tracking pixel. If you are blocking images, you will not receive an opened status.

  • Clicked: The user has opened the message and clicked on the phishing campaign link.

  • Submitted: The user opened the message, clicked on the phishing campaign link, and submitted their information.

  • Reported: The user has received the phishing campaign, either opens or does not open it, and reports the phishing email.

  • Scheduled: With the new staggered release of phishing campaigns, this status shows users who have not yet received the simulation

  • Error: The phishing campaign could not be sent to the user. This is usually due to the user not having an Outlook license.

External interactions can potentially impact phishing campaign tracking. If a Support Engineer copies a phishing campaign email into a ticket and clicks the link, it may register as a click for the original intended recipient. This occurs because tracking links are uniquely tied to the original recipient's account.
Status will always display the riskiest behavior / end state.

  • If a user clicks on a link in the Phishing Campaign Email, then subsequently reports the Phishing Email, [Status] will show Clicked as this is the riskiest behavior.

  • If a user clicks on a link in the Phishing Campaign Email, then subsequently submits the Phishing Campaign Form, [Status] will show Submitted as this is the riskiest behavior.

  • If a user clicks on a link in the Phishing Campaign Email, then subsequently submits the Phishing Campaign Form, then reports the Phishing Email, [Status] will show Submitted as this is the riskiest behavior.

  • If the user opens the Phishing Campaign Email, does not click on the link, and reports the Phishing Email, [Status] will show Reported.

     

Reaction Time(s)

This is the number of seconds taken between opening a Phishing Campaign Email (and downloading the images or the images auto-download) and clicking on the link in the Phishing Campaign Email.

If Reaction Time is blank but Click Time displays, this is related to the organization's email service not being configured to auto-download images, and if a user does not download the images either, we cannot identify if the email is opened, therefore, we do not calculate a Reaction time, we can only capture the Clicked Time.

Times Clicked

Displays the number of Phishing Campaigns the user has received and the number of times the user has clicked on a Phishing Campaign's link. For example, if the column shows "1/3", the user has received three phishing campaigns but only clicked on the link in one.

Clicked Time

Displays the date stamp and time when a user clicked on the Phishing Campaign Email link.

We do not record the time a user submitted a Phishing Campaign Form, or the time a user Reported a Phishing Email.

Training Results

This column shows how much phishing category video training (both modules & campaigns) has been assigned to the user, how many quiz questions were answered correctly and incorrectly.

Training Results


Hover over the bar for more information:

  • Phishing Trainings Sent: Number of phishing category video training modules and campaigns assigned to the user.

  • Correct Responses: Number of correct answers for phishing category video training modules and campaigns.

  • Incorrect Reponses: Number of incorrect answers for phishing category video training modules and campaigns.

  • No Assignments: means no phishing category video training modules and campaigns have been assigned to the user.

Custom Fields

If custom fields have been added, these can also be displayed. See Configuring Custom Attributes.

Exporting Campaign Analytics

You can export the user data from any Phishing Campaign to an.XLSX file, complete with any custom fields added to the user record, by using the following steps.

  1. Log in to Engage.
  2. Select Phishing Training | Campaigns.
  3. Click on the Campaign Name.
  4. To export the Phishing Campaign's analytics, click on Export Data to download the created file to your browser's download location

If you have applied filters to the table, only the filtered data will be exported.

Scanned Data Field for QR Template

This feature enhances data tracking by capturing both QR code scans and standard link clicks. The new scanned data field provides insights into user interactions with QR codes, clearly distinguishing between users who scanned the code and those who clicked on a link. This information will be included in phishing reports and will be visible when exporting the report.

Creating a Group

You can create a Group from the Phishing Campaign's analytics, by using the following steps:

  1. Log in to Engage.
  2. Select Phishing Training | Campaigns.
  3. Click on the Campaign Name.
  4. Select the Users to be added to the group.
  5. Click on the Create Groups button.
  6. Enter a group name.
  7. Click on Create Group. Once created, the Group is available from your Settings.

Related to

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.