Cofense PhishMe Reviews

14 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 7.7 out of 100

Do you work for this company? Learn how we help vendors

Overall Rating

Reviewer's Company Size

Last Updated

By Topic

Industry

Department

Experience

Job Type

Role

Filtered By:

Reviews (1-11 of 11)

Companies can't remove reviews or game the system. Here's why.
February 04, 2021
Jim Bowker | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Raw material - no need to go hunt out scenarios. There are plenty to choose from.
  • Software interface makes it easy to organize a campaign.
  • Reporting - it's easy to spot repeat offenders for additional phishing or individualized training.
  • We like to pass each campaign by a couple of people. While I can send a test to someone, a simple workflow approval would be nice.
  • You could automate user cleanup of inactive accounts a little better.
Read Jim Bowker's full review
February 06, 2021
Akito Inakazu | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Setting up campaigns is easy.
  • There are lots of examples that can be built from.
  • The training if a user falls for the phishing is well thought out and presented.
  • Account management could be done better. Removing users is a good example.
Read Akito Inakazu's full review
May 11, 2020
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Service - it isn't just another tool you need to operate. Cofense service includes an assigned professional who can advise, suggest, discuss with you the best approach for your user base, and operate the tool on your behalf.
  • Multilingual - for a global company it is a must. We have simulated emails as well as educational material in multiple languages. Cofense PhishMe already has a lot of material in a number of languages, plus they can take care of translations into additional languages for you.
  • Reporter button - with an add-on for Outlook (or other email clients) a user can report a suspicious email to their helpdesk with one click. In case of a simulated phishing email a report is not sent but rather a congratulation is displayed to a user.
  • Playing it too safe #1 - They will only allow you to send emails to domains you own or control. So if you have people working for you with access to your systems but they have a third-party email (e.g. vendor/contractor domain or Gmail) you won't be able to send simulations to those users.
  • Playing it too safe #2 - While their email template library is large and inspired by real-world phishing emails, for legal reasons they avoid close imitation of real companies - including names, logos, sender, etc. As a result, you'll still find delivery notification email or Office365 look-alikes, but not truly impersonating real-world companies thus being less misleading.
  • Gamification - I'm not aware of a phishing quiz or a game in their educational material. There is no mobile app for users to compete with their coworkers e.g. number of reported malicious emails, number of spotted simulated emails, etc.
Read this authenticated review
May 02, 2020
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Scheduling campaigns
  • User list management.
  • Variety of templates.
  • Community portal.
  • Board report is not automated.
Read this authenticated review
May 01, 2020
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • PhishMe scenarios are based on real-world examples of malicious email reported through one of their other product offerings; Phishing Defense Center (PDC)
  • Scenarios have the ability to be easily customized and changed to suit the needs of your own organization to make them more relevant. This increases the chance of a click or attachment opening providing a teachable moment with more users.
  • Console is easy to navigate and use for all levels of technical ability. Not everyone on our team is technically inclined, however, the interface is easy to understand and obtain information from allowing everyone who uses it to be comfortable.
  • Reporting capabilities from completed scenarios is quite good as long as you provide the detail on users during initial import or sync.
  • There is only the ability to run one Playbook at a time. For larger enterprises that may have more than one organization they wish to target in different ways, this is a limitation that requires some clever workarounds.
  • Despite the efforts of reporting and statistics to remove false clicks and multiple clicks from the same users, there are several times we have had to analyze raw data exports in Excel to verify (and correct) our final metrics for scenarios. Not a deal-breaker, however, does require a time investment.
  • Adding/removing users to the PhishMe instance requires a ticket to be submitted to Support. There is no method in the instance for us to do this at our company.
Read this authenticated review
May 04, 2020
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Wide range of templates, which are always updated and addressing threats organizations face today.
  • Security teams use the information from Phish Reporter to implement countermeasures.
  • Providing training materials that help to educate employees
  • To provide a more convenient way to modify/change mail addresses
Read this authenticated review
May 01, 2020
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Easy to manage templates
  • Up to date information with real word examples
  • Inexpensive
  • Attachments are doc, xls, and ppt only, no newer formats
  • Embedded pictures require download that is not online
  • Repeat user report needs filtering options
Read this authenticated review
October 22, 2019
Ryan Fultz | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • The software is really easy to use, I am able to just click a button to report any and all phishing attempts.
  • By it being a one button press it allows me to spend more time doing other things.
  • We are able to conduct tests using PHISHME to audit our internal clients.
  • I don't think anything could be improved it's a simple intuitive software.
Read Ryan Fultz's full review
January 29, 2020
Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Relevant/current phishing scenarios.
  • Great educational awareness.
  • Does not integrate with Active Directory. You either have to upload a spreadsheet of users or utilize their recipient generator. Would be nice to have an API with AD.
  • Doesn't allow us to spoof legitimate companies. The bad actors do this and other phishing platforms allow this as well. Cofense is legally scared to allow spoofing.
Read this authenticated review
June 14, 2019
Carrie Huang | TrustRadius Reviewer
Score 6 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Easy to report suspected phishing emails to IT and security teams.
  • IT and security teams are able to look into phishing emails right away.
  • Cofense is integrated into our email system and is easy to find.
  • It should be able to filter our emails automatically.
  • It should be able to put the phishing or spam emails in a quarantine.
  • Cofense PhishMe should do more than just be a button on our email platform.
Read Carrie Huang's full review
March 13, 2018
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source

Pros and Cons

  • Baseline testing offers comparable results
  • Reporter Outlook add-in makes reporting suspicious messages easy
  • Campaigns are fairly simple to set up
  • The Reporter Outlook add-in has had some bugs in the past that made it unusable.
Read this authenticated review

What is Cofense PhishMe?

Cofense PhishMe™ is the flagship behavior conditioning, phishing awareness platform from Cofense™ which the vendor states is trusted by over 2500 enterprise customers across all verticals. Using simulated phishing emails, Cofense PhishMe conditions users to identify and report email-based threats that bypass secure email gateways and land in user inboxes. Cofense PhishMe uses experiential learning at the point of failure to reinforce positive security awareness behavior.

A phishing simulation program must reflect the real threat landscape. Cofense boasts a unique perspective on the threat landscape, with insights into threat actors & campaigns in the wild, together with unrivalled visibility of phishing threats that bypass existing security controls to reach the recipient inbox. Leveraging this perspective, Cofense PhishMe operationalizes real, active threats into realistic phishing scenarios to ensure program relevance. The vendor describes Cofense PhishMe as using intelligent automation, advanced algorithms, and embedded best practices to increase user engagement and reduce program planning, management, and execution overhead. Cofense PhishMe’s education library includes content created by its content team, as well as from 3rd party content vendors.

Cofense PhishMe has been rated as a leader in the Gartner Magic Quadrant for Security Awareness CBT Solutions and a Gartner peer insights Customer’ Choice security awareness vendor 2 years in a row.

Cofense PhishMe Features

Has featureReal Threat & Secure Email Gateway Miss Templates – increase relevance of programs by simulating real threats observed to bypass common Secure Email Gateways
Has featureResponsive Delivery – increase program engagement and eliminate global scheduling challenges by delivering simulation emails only when users are active in their mailbox
Has featureSmart Suggest – advanced algorithms and embedded best practice provide program guidance based on industry relevance and program history.
Has featureRecipient Sync - automates syncing of recipients from Azure Active Directory to PhishMe. Utilize Recipient Sync and Dynamic Groups for fully automated group management.
Has featureAutomated Playbooks – automate execution of a 12-month simulation program with just a few clicks.
Has featureComprehensive education catalog including content from leading third-party providers including NINJIO and AwareGo.
Has featureBoard Reports – executive level insight into program performance and changes in resiliency to phishing.

Cofense PhishMe Screenshots

Cofense PhishMe Video

Cofense PhishMe Responsive Delivery – increase program engagement, reduce whitelisting and eliminate global scheduling challenges by delivering simulation emails only when users are active in their inbox.

Cofense PhishMe Downloadables

Cofense PhishMe Integrations

Exchange and Office365 for Responsive Delivery capabilities., Azure Active Directory for Recipient Sync capabilities., PhishMe API automatically sends simulation results to a designated location for further analysis., All scenario results and data can be exported as .xls or .csv files for offline analysis or upload to dashboard and data analytics software., Report templates for Microsoft PowerBI are provided for PhishMe customers.

Cofense PhishMe Competitors

KnowBe4 Security Awareness Training, Proofpoint/Wombat, Ironscales

Cofense PhishMe Pricing

  • Has featureFree Trial Available?Yes
  • Does not have featureFree or Freemium Version Available?No
  • Has featurePremium Consulting/Integration Services Available?Yes
  • Entry-level set up fee?No

Cofense PhishMe Customer Size Distribution

Consumers
0%
Small Businesses (1-50 employees)
4%
Mid-Size Companies (51-500 employees)
35%
Enterprises (> 500 employees)
61%

Cofense PhishMe Support Options

 Paid Version
Phone
Live Chat
Email
Forum/Community
FAQ/Knowledgebase
Video Tutorials / Webinar

Cofense PhishMe Technical Details

Deployment Types:SaaS
Operating Systems: Unspecified
Mobile Application:No
Supported Countries:Global
Supported Languages: English - American, English – British, English – Australian, Afrikaans, Arabic, Chinese – Simplified, Chinese – Traditional, Czech, Danish, Dutch, Finnish, French, French – Canadian, German, Greek, Indonesian, Italian, Japanese, Korean, Norwegian, Polish, Portuguese, Brazilian Portuguese, Romanian, Russian, Serbian, Slovak, Spanish, Spanish – Latin American, Swedish, and Turkish