Skip to main content
TrustRadius
KnowBe4 PhishER/PhishER Plus

KnowBe4 PhishER/PhishER Plus

Overview

What is KnowBe4 PhishER/PhishER Plus?

PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and…

Read more
Recent Reviews

Phishing Hero!

10 out of 10
March 13, 2024
Incentivized
We use KnowBe4 PhishER with our KMSAT. KnowBe4 PhishER is basically helping us to resolve our biggest security problem and that is …
Continue reading
Read all reviews

How KnowBe4 PhishER/PhishER Plus Differs From Its Competitors

Time Savings

With KnowBe4 PhishER, we freed up incident response analysts' time to focus on more critical threat emails and associated mitigation actions. This has freed up analyst time, and they can now spend it on projects and security training, primarily related to cloud security technology. PhishER's quick …
Continue reading

Time Savings

By handling 75% of emails that are reported with the PAB, analyzing and replying to the reporter without intervention, KnowBe4 PhishER has saved us hours and hours of handling and research time. Even the 25% or less amount of emails we have to manual review are quicker because KnowBe4 PhishER has …
Continue reading

Time Savings

It's pretty simple. It saves time by managing whether emails are threats or spam. If a user clicks on a suspicious email and Knowbe4 knows that, then a technician doesn't have to review the email.
Continue reading

Time Savings

Everyday we are getting phishing, spam, and clean emails reported via the KnowBe4 phish alert button. Auto resolving spam and clean emails help us prioritize and streamline our response to valid phishing emails. This frees up our team for blocking real threats and investigating emails that might …
Continue reading

PhishER Capabilities

We use PhishRIP, PhishFlip, and PhihsER Blocklist. These tools help us keep everything in one place. PhishRIP pulls threats that were reported by users via the Phish Alert Button from other mailboxes to keep these from getting clicked on. PhishFlip helps us use real phishing emails as phishing …
Continue reading

Time Savings

Instead of depending on individuals to alert our security team and handling incidents one email at a time, we can see & manage threats at the organization level, even removing them before one of our team members even sees an email.
Continue reading

Time Savings

We're able to have potential phishing emails go to a centralized dashboard. There, they can sit while we assign a rating and the possibility of a phishing attempt. This saves our organization time and energy so we can focus on the critical side of business. We're also able to let users know …
Continue reading

Time Savings

KnowBe4 PhishER has allowed us to focus on other core security related issues by allowing users to report emails and having KnowBe4 PhishER identify what type of threat the email is and what must be done with it. We can then go through a update any we believe were incorrectly identified, but this …
Continue reading

PhishER Capabilities

We have implemented PhishRIP as it easily allows KnowBe4 PhishER to identify duplicate scam/phishing emails in other users mailboxes and quarantines them. We also use Blocklist regularly to ensure further emails from the same senders are blocked from our network and users mailboxes. We finally use …
Continue reading

Time Savings

The machine learning portion of PhishER does a great job of identifying good, bad, and suspicious actors and brings all of them to our attention in an easy to use dashboard. The reporting of bad actors is quick, and the response to mitigate is fast as well.
Continue reading

PhishER Capabilities

We currently utilize the PhishML to help us determine whether an email is a legitmate threat, spam, or otherwise suspicious. All without us having to individually review every submission. PhishRIP does the leg work of removing legitimate threats from all inboxes (or sub folders) automatically. …
Continue reading

Time Savings

Thanks to the built-in machine learning features, KnowBe4 PhishER has greatly increased our ability to identify and respond to reported emails. For example, we will automatically mark high-confidence phishing emails as malicious and begin the process to block the sender and quarantine the email …
Continue reading

Time Savings

Yes, I now only need to work through what is deemed a Threat, while that doesn't keep me from monitoring other reported emails, I now only jump on the Threats and glance over the other reported. The time it has freed up I have been able to use on other projects and even more quickly be able to …
Continue reading

PhishER Capabilities

PhishML and PhishER Blocklist is a newer addon feature we do not currently have. Maybe someday as the volume increases, but currently the cost addon for those services is why we don't have them. I kind of think these new services should have been just included with PhishER as a new feature …
Continue reading

Time Savings

It's saved us a bunch of time by having the threats/spam sent to me in an email notice real time. The dashboard keeps me up to date as well. I like that we're also helping AI learn so it helps others. The more people use it the better the AI becomes.
Continue reading

PhishER Capabilities

We're using PhishRIP. We've only used it a few months so we're just getting used to it. We're hoping to use it more in the future.
By pulling all reported email messages it prevents anyone from clicking a link they shouldn't. Saves us money and time.
Continue reading

Time Savings

The categorization and filtering enable us to spend between 20 and six minutes checking out a submitted message instead of 25 to 30 minutes for a full manual back-trace. This is something that we can stay on a call for if the user submits a message to us and then calls because they're …
Continue reading

PhishER Capabilities

PhishRIP and PhishFlip I've already talked of. They are great tools to prevent 'frequent clickers' from getting caught and causing security issues. If a savvy user catches an email and submits it, being able to scan every user mailbox for similar messages and pre-emptively delete …
Continue reading

Time Savings

Staff time is saved by PhishER removing reported phishes from all mailboxes, not just that of the reporter. It also means fewer users are exposed to the risk that the phish poses.
Continue reading

PhishER Capabilities

We use PhishML and PhishRIP. PhishFlip hasn't been needed as KnowBe4's simulated phishing templates are already very good.
We've saved a lot of staff time and reduced our risk by using PhishER.
Continue reading

Time Savings

I have simply been able to pull all of the phsh emails from the dashboard without having to take screenshots and send out mass communication hoping that it's red before the phshing email is opened
Continue reading

Time Savings

The service helps us to determine when there may actually be an active phishing campaign going on targeting our company. We have some "basic" rules setup that will allow us to determine when someone submits an email that is SPAM/CLEAN/or a THREAT and we'll take action as needed.
Continue reading

PhishER Capabilities

Our organization has implemented PhishML and PhishRIP. Everytime we've tried to implement the blocklist, we wind up getting errors and delays when someone actually submits an email for review to us and we wind up having to reset the whole connection to Office 365. PhishFlip is something that we're …
Continue reading

Time Savings

A little soon to tell, but there's more of a "set it and forget it" quality that you could take advantage of. I actually want a little more "noise" so I can see what people are reporting.

Revision - too many false positives.
Continue reading

PhishER Capabilities

I don't think we've implemented this yet - or know about these particular features. The feature set is large - and I think the best approach is short sessions with support to scale up the implementation.
We've had to turn them off.
Continue reading

PhishER Capabilities

We use PhishML to ensure transfer of knowledge takes place. Users go through the training and then are sent emails to test their knowledge of what was covered within the KnowBe4 PhishER training. It is a great knowledge check.
If the user fails the test email, they are automatically signed up for …
Continue reading

Time Savings

I am not an expert on how exactly KnowBe4 PhishER functions in background but their tools seem to function as expected at identifying threats correctly. This automation will save us much time in the future as we do not have to go in and look at all submitted emails manually. This is/was very time …
Continue reading

Time Savings

KnowBe4 PhishER frees up staff time every day by determining the validity of messages coming into our organization. It also helps all other staff when they are trying to determine the validity of messages that end up in their Inboxes.
Continue reading

Time Savings

KnowBe4 PhishER cuts through the noise of malicious phishing emails through the use of Machine Learning allowing our technicians to address the most critical emails first while allowing for automation to take care of the rest.
Continue reading

PhishER Capabilities

We have implemented all of the above features within KnowBe4 PhishER.
These features have helped to both prevent phishing emails success as well as to help to train our staff on real world phishing examples without the dangers of using active phishing campaigns.
Continue reading

Time Savings

Our CEO is often spoofed. Staff have been able to recognize this and report the emails using the phish alert button with ease. Staff have been using the messaging feature when reporting to explain why they think the email is a scam. The messaging feature alone has provided yet another way to teach …
Continue reading

PhishER Capabilities

We have implemented PhishRip and PhishFlip. PhishRip is very user-friendly and lets me easily remove an unwanted email from everyone's inbox. We have not used PhishFlip nearly as much. PhishER Blocklist would be very helpful if it worked for GSuite users, not just Microsoft.
PhishRip has allowed …
Continue reading

Time Savings

KnowBe4 PhishER's machine learning models are fairly accurate in identifying spam vs. threats. This helps save time in the analysis of emails, especially if there is a backlog of emails to go through. A majority of emails we receive are spam, so it has saved us time to have to investigate threats.
Continue reading

PhishER Capabilities

We've implemented all of these, PhishML, PhishRIP, PhisFlip, except the blocklist in our org. The blocklist is not supported on Google Workspace I believe.
Using these has saved us time in having to analyze and also keep up with the latest phishing tactics/emails that threat actors are using …
Continue reading

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 5 features
  • Company-wide Incident Reporting (52)
    7.8
    78%
  • Live Response for Rapid Remediation (55)
    7.8
    78%
  • Centralized Dashboard (62)
    7.8
    78%
  • Machine Learning to Prevent Incidents (54)
    7.7
    77%

Reviewer Pros & Cons

View all pros & cons
Return to navigation

Pricing

View all pricing

3001-5000 Monthly Pricing Per Seat

$0.50

Cloud
per month (billed annually) per seat

2001-3000 Monthly Pricing Per Seat

$0.55

Cloud
per month (billed annually) per seat

1001-2000 Monthly Pricing Per Seat

$0.65

Cloud
per month (billed annually) per seat

Entry-level set up fee?

  • Setup fee optional
For the latest information on pricing, visithttps://www.knowbe4.com/pricing-phisher

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services
Return to navigation

Features

Incident Response Platforms

Incident response (IR) platforms guide countermeasures against a security breach and deploy preplanned, automated threat responses

7.6
Avg 8.5
Return to navigation

Product Details

What is KnowBe4 PhishER/PhishER Plus?

PhishER is a platform for managing the high volume of potentially malicious email messages reported by users. With automatic prioritization of emails, PhishER aims to help InfoSec and Security Operations team cut through the inbox noise and respond to the most dangerous threats more quickly.

PhishER is a web-based platform with critical worksteam functionality that serves as a phishing emergency room to identify and respond to user-reported messages. With PhishER, users are able to automate the workstream of 90% of reported emails that are not threats, freeing up incident response resources.

PhishER is available as a stand-alone product or as an optional add-on for KnowBe4 customers that want to automatically prioritize and manage potentially malicious messages that were reported through the KnowBe4 Phish Alert Button. PhishER Plus is an upgraded subscription level that includes all of the features from PhishER with additional enhancements and AI-validated crowdsourced data. PhishER Plus was developed to help supercharge an organization’s email security defenses. It does this by automatically blocking phishing attacks that traditional Security Email Gateways (SEGs) miss and removes these missed threats from users’ inboxes.

KnowBe4 PhishER/PhishER Plus Features

Incident Response Platforms Features

  • Supported: Company-wide Incident Reporting
  • Supported: Integration with Other Security Systems
  • Supported: Centralized Dashboard
  • Supported: Machine Learning to Prevent Incidents
  • Supported: Live Response for Rapid Remediation

Additional Features

  • Supported: Automatic Message Prioritization

KnowBe4 PhishER/PhishER Plus Screenshots

Screenshot of This is a diagram of the PhishER workflow. Reviewing the PhishER workflow before getting started will provide an understanding of how PhishER, PhishRIP and PhishFlip work.Screenshot of The Reports screen will display five different dashboards of information.Screenshot of When entering the PhishER platform, the first screen that appears is the Dashboard. Here, a quick overview of the PhishER platform will appear.

KnowBe4 PhishER/PhishER Plus Video

Introduction to PhishER

KnowBe4 PhishER/PhishER Plus Integrations

KnowBe4 PhishER/PhishER Plus Competitors

KnowBe4 PhishER/PhishER Plus Technical Details

Deployment TypesSoftware as a Service (SaaS), Cloud, or Web-Based
Operating SystemsUnspecified
Mobile ApplicationNo
Supported CountriesGlobal

KnowBe4 PhishER/PhishER Plus Downloadables

Frequently Asked Questions

PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and Security Operations team cut through the inbox noise and respond to the most dangerous threats more quickly.

Cofense Triage, Infosec IQ, and Proofpoint Threat Response Auto-Pull are common alternatives for KnowBe4 PhishER/PhishER Plus.

Reviewers rate Company-wide Incident Reporting and Centralized Dashboard and Live Response for Rapid Remediation highest, with a score of 7.8.

The most common users of KnowBe4 PhishER/PhishER Plus are from Mid-sized Companies (51-1,000 employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(160)

Attribute Ratings

Reviews

(1-25 of 41)
Companies can't remove reviews or game the system. Here's why
March 19, 2024

KnowBE4 PhishER Review.

Verified User
Director in Information Technology
Information Technology & Services Company, 5001-10,000 employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Before KnowBe4 PhishER, our SOC analysts would manually investigate hundreds of suspect/phishing emails reported by end-users that would slip our perimeter defense. After implementing the PhishER SOAR platform, we could automate the process end-to-end by categorizing the reported emails as benign, spam, and threat emails, including integration with our ticketing platform. This has saved hundreds of our security analysts' hours and enabled them to act immediately on critical threat phishing emails.
Pros and Cons
  • Categorization of suspect emails to Benign, SPAM and Threat.
  • Integration to VirusTotal, Ticketing platform.
  • Smart Dashboards.
  • Canned auto - response email to end-users.
  • AI/ML algorithm could be improved to reduce false positives and increase auto-resolved suspect emails.
Likelihood to Recommend
PhishER plugs a "Report to Cybersecurity" button in your organization's user Outlook client. This enables users to report any suspect email to your security operations center. The SOAR capability in the platform makes it quick to decipher suspect emails as benign, spam, or threat, and it automatically responds to users with immediate details. This saves hundreds of security analysts hours that would otherwise have been spent focusing on critical threat email actions. Malicious attackers have become intelligent and sophisticated; hundreds and thousands of emails slip through the mail perimeter defense and directly land on user mailboxes. With PhishER, security analysts can quickly respond to the threat emails, including deleting the emails from user inboxes.
March 18, 2024

KnowBe4 PhishER - security made simple

Verified User
Administrator in Information Technology
Government Relations Company, 51-200 employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use it as a filtering tool that our end users can employ. Instructed to use the Phish Alert Button on ANY questionable emails allows us to get them into a habit of doubt if not an expected email. KnowBe4 PhishER analyzes and makes a determination on about 70% but holds for IT to review manually the rest. This can be adjusted but we have thresholds high to reduce risk of something slipping through. What this has accomplished for us two fold. 1. it makes it less time consuming to report a questionable email to IT and 2. allows the users to put into practice with a simple click all the "think before you click" training we use.
Pros and Cons
  • Automatically evaluates reported emails
  • Once it determines a threat, it pulls the email from all other mailboxes and quarantines them
  • One button block list can be set up for repeat senders
  • If an email is determined to be clean, a button to notify the reporter that it was clean and that they could find it in the deleted folder, with reference to the email would be nice.
Likelihood to Recommend
It is wonderful at screening emails reported with the PAB and promptly responding with the results.
March 15, 2024

KnowBe4 PhishER works for me!

Verified User
Director in Information Technology
Retail Company, 501-1000 employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use KnowBe4 PhishER to help streamline the process of going through suspicious emails. The main problem being the time required to analyize and classify emails that come into the helpdesk as questionable. PhishER takes a good portion of that workload off of our staff and quickly classifies the known threats and spam emails so that we're only left with a handful of emails to manually go through. In addition the PhishER platform provides a ripping procedure to go out and remove those malicious emails from any other mailbox with those bad emails.
Pros and Cons
  • User Interface is easy to use.
  • Saves time by classifying emails as malicious or not.
  • In PhishRip portion would like to see more details regarding the message that is being ripped.
Likelihood to Recommend
It works great for teams that have limited time to manually review suspicious emails. Depending on your user count, it will free up a couple of minutes a day or more.
March 15, 2024

Happy with PhishER

RR
Ricky Robertson
Director of IT and Security
HealthOne Alliance (Hospital & Health Care, 201-500 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use KnowBe4 PhishER to prioritize and streamline our response to reported phish alerts by our users. Once the user spots a phish and uses the phish alert icon, the email is sent to our PhishER platform. We have rules set up to spot and respond to certain reported emails such as SPAM and Clean emails. This takes a lot of burden off of our team and can really concentrate on real phishing emails. PhishER also highlights header information so we can look right where we need to look.
Pros and Cons
  • Automates phish report response
  • Highlights email header information
  • Saves time for our team.
  • The rule setup could be easier to follow
  • Make it so you don't have to click back and forth with manually looking at emails
  • Make the email quarantine longer than 30 days.
Likelihood to Recommend
We have many emails reported to our team every day. Most emails reported are not true phishing emails and are mostly Spam or Clean. KnowBe4 PhishER saves my team time buy auto labeling the email as Spam or return a canned response from my team if the email is clean. This saves me time and gets important legitimate emails responded to quicker.
March 13, 2024

KnowBe4 PhishER - an easy and robust application

Henry W. Piel | TrustRadius Reviewer
Henry W. Piel
Executive Director, Quality
Aerovate Therpaeutics (Biotechnology, 11-50 employees)
Score 10 out of 10
Vetted Review
Verified User
Use Cases and Deployment Scope
KnowBe4 PhishER offers an "all in one" nice application for training, security, and testing exercises (e.g., "phishing"). My company has been using KnowBe4 PhishER for a year and half, and the internal feedback on this product is quite positive. The training sessions are interesting and keep the team's attention.
Pros and Cons
  • Customer Support; especially when we brough the application on board. The attention to detail, instruction, and help KnowBe4 team gave us is quite good!
  • A wide variety of trainings, over a multitude of topics.
  • Phishing Tests; "set it and forget" with metrics!
  • For start-up biotech/pharmaceuticals, I think KnowBe4 PhishER is the perfect addition!
Likelihood to Recommend
The application is very easy to set up, maintain, and extrapolate metrics for the Senior Management Team.
March 13, 2024

Strong recommendation for KnowBe4 PhishER and all KnowBe4 products

Bill DeLong | TrustRadius Reviewer
Bill DeLong
CIO
TimePayment (Financial Services, 51-200 employees)
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Being in the financial services industry, our employees have to always be on alert for phishing and social engineering scams. KnowBe4 PhishER gives our security team the visibility it needs to quickly identify and remove potential email-based threats. It protects our organization and saves us a lot of time, money, and headaches.
Pros and Cons
  • Simple, easy to use. Minimal training required.
  • Helps you focus on the most important vs. reviewing thousands of emails.
  • Doesn't require a full-time resource.
  • Ability to integrate/share data with other SIEM solutions.
Likelihood to Recommend
It is a fantastic solution for small-to-medium sized companies that have a small security staff and need a simple solution that provides the needed monitoring & alerting but doesn't require a large team or a lot of time to implement. KnowBe4 PhishER can be up and running in minutes, providing valuable insight & protection and training opportunities.
March 13, 2024

KnowBe4 PhishER is a great service

JL
Joe Lalonde
IT Manager
Bold Furniture (Furniture, 51-200 employees)
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Having been the victim of ransomware attacks at my previous organization, I knew the importance of having my users trained to know the threats they would be facing in the digital world. That's why I chose KnowBe4 PhishER. We use KnowBe4 PhishER to train users on what a phishing attempt looks like, what to do if they see something that doesn't look right, and how to stay safe in a digital world. This keeps our network safer from outside threats.
Pros and Cons
  • Allows users to notify admins of a phishing email
  • Helps us train our users on proper email usage
  • Gives us information on what kind of emails are being reported
  • KnowBe4 PhishER could have a simpler login process
  • Email notifications would be nice
  • A phish confidence level on the emails reported could be useful
Likelihood to Recommend
I feel KnowBe4 PhishER is useful for any organization that has users connecting to the internet and receiving emails. The ability to report phishing attempts before they become an issue is a huge help to any systems admin, especially when you don't have a large team. It's a really helpful tool.
March 13, 2024

KnowBe4 PhishER - A great tool to use as a second line of defense

Verified User
Technician in Information Technology
Education Management Company, 201-500 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use KnowBe4 PhishER to allow staff to report emails they find suspicious to us for review. This works very well and helps to train people in scam and phishing emails. We also use it as a secondary defense system, we have a security system to block emails that are malicious or include profanity, etc. but when that email system doesn't block a certain email, KnowBe4 PhishER can be used by the staff member to report and quarantine the email. We can then use it to block any further emails from coming through.
Pros and Cons
  • Reporting Emails
  • Blocking Domains and Senders
  • Virus Total Built In
  • Discussion with other Admins
  • Ability to discuss with User (Not Just Admins)
  • Ability to Block Senders and Domains for Longer than 60 days
  • Ability to view information such as IP Address, Estimated Location at a glance
Likelihood to Recommend
KnowBe4 PhishER is well suited for environments that are very vulnerable to attacks such as Schools and Governments Authorities. This is because not every email that is phishing or malicious gets blocked by an Email Security System, so having KnowBe4 PhishER as a secondary line of defense would help to keep your systems more secure while also helping to train users in what kinds of emails are Phishing and what to look out for.
March 11, 2024

PhishER - Don't Phone Home Without It.

AG
Adam Graham
Network Security Engineer
Portsmouth Public Schools (Education Management, 1001-5000 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
The PhishER platform is an invaluable tool for our organization as it gives us real time insight when we are 'under attack' by a bad actor (or actors). We are able to identify trends, targeted users and methods used by the bad actors in trying to gain access or steal information. On top of this, the PhishRIP feature integrates with our GSuite and scans/quarantines other instances of reported emails that are deemed malicious.
Pros and Cons
  • The machine based learning does a great job of correctly identifying safe vs. malicious emails.
  • PhishRIP does an excellent job of finding and quarantining similar emails from other users accounts.
  • The reports give us a real time insight into trends and campaigns launched by bad actors.
  • Somtimes the PAB (or Phish Hook) has to have its permissions revalidated. This is a quick fix, but takes some knowledge.
  • I honestly can't think of any other shortcomings at this time.
  • See #1
Likelihood to Recommend
I can't say enough good things about PhishER. While Google Mail does have the ability to report spam and malicious content, the reporting isn't as user friendly. Having PhishER gives us insight into the email landscape of our end users, and even affords us the ability to retroactively learn some of the techniques used by bad actors so that we can further educate our end users.
December 19, 2023

Sifting the Sea of Suspicion: PhishER Unleashed for Phishing Email Sleuthing

Verified User
Director in Information Technology
Food & Beverages Company, 1001-5000 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use it to facilitate in the review of reported suspected phishing emails. It provides ease of review as all necessary information needed to determine a suspected email as phishing is readily available. It also provides automation for known false positives.
Pros and Cons
  • automation tasks for known false positives
  • providing information for phishing email determination
  • informative dashboard
  • setting up automated tasks
  • rooms is not really understood
  • customizable reports
Likelihood to Recommend
best for managing phishing email reporting
December 19, 2023

KnowBe4 PhishER - Rapid and efficiency phishing response

Verified User
Supervisor in Information Technology
Financial Services Company, 51-200 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
KnowBe4 PhishER perfectly solved our issues with responding to phishing emails. Previously, responding to malicious emails was a completely manual process, and we could not respond nearly as quickly or efficiently as we wanted to.
With KnowBe4 PhishER, the process is now highly automated, and we can remove phishing emails from dozens of inboxes in just a few clicks.
Our users appreciate it because they receive much quicker feedback on clean emails.
IT appreciates it because it makes our job a breeze and lets us focus on the important elements of incident response.
Management appreciates it because it helps keep our institution safer and gives them excellent reporting metrics.
Pros and Cons
  • Quick phishing email review
  • Automated analysis and tagging
  • Immediate quarantine and removal
  • Quicker / more efficient PhishRIP
  • Improved "Find Similar Messages" filtering options
  • Improved notification options
Likelihood to Recommend
KnowBe4 PhishER is highly efficient and cost effective, making it a great fit for small to medium businesses that are considered about phishing attacks. KnowBe4 PhishER helps small teams respond to phishing emails with the resources and efficiency of larger teams. It fits well with existing KnowBe4 clients, as the Phish Alert button is already in use and training modules for coworkers are available to instruct how to use the button.
December 19, 2023

You've got to get KnowBe4 PhishER

WM
William Moreno
Information Technology Manager
Community Waste Disposal (Transportation/Trucking/Railroad, 201-500 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
I love the AI behind this tool. It monitors and detects my phishing emails. It's an awesome tool that compliments our other endpoint solutions.
Pros and Cons
  • Blocks emails based on sender, attachments and URLs
  • Pulls known phishing emails
  • Converts phishing emails to training emails
  • Integrates with Outlook
  • Preview attachments when blocking them
  • Send emails externally when using actions
  • More powerful PhishRIP
Likelihood to Recommend
Anyone can benefit from KnowBe4 PhishER. It's easy to setup and integrate with Outlook. Viewing emails is a breeze.
December 18, 2023

PhishER, will probably save your Admin time.

Verified User
Engineer in Information Technology
Transportation/Trucking/Railroad Company, 5001-10,000 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
PhishER is a KnowBe4 addon that works alongside the Phish Alert Button that KnowBe4 has. Once we hit where there were more emails being reported from users than easily able to manage, we needed this additional solution to help alert us to what was probably a Threat. This probably is helping to address our time more efficiently by pointing out the high Threats, as well as auto responding to end users on known clean emails they have reported.
Pros and Cons
  • Find Threat emails
  • Auto respond to clean emails the end user needs.
  • Lowers the number of critical emails admins need to work with.
  • Removes Threat emails directly from the end users mailbox.
  • Query isn't granular enough to pull emails from mailboxes for spam that have very little information. Like no subject, no body, no attachment. It requires at least 2 items to query.
  • It needs an additional Virus Total account. Knowbe4 should build that into the back end and just charge accordingly for the enterprise connection. Felt blindsided to the additional cost needed later.
  • Some of the rules and actions are more complicated to setup than it should be. Which could be addressed for parts of that with a simplified interface and more intuitive for the person to setup. Someone that works with the product every day probably understands it, but as much the setup is setup and forget you need to relearn how that might work the next time you need to make changes. It could be less programmer like and more user friendly.
Likelihood to Recommend
This works well when there is more Phish Alerts reported than IT can work through themselves. Letting you know which emails are more than likely Threats and automatically responding to emails with rules you have setup for certain clean emails. When a query does work you can automatically quarantine emails directly out of other mailboxes. While we haven't had the need to yet, if you quarantined the incorrect emails, you can also put those back.
December 18, 2023

Love KnowBe4 and PhishER!

JB
Jeff Bogaard
IT Manager
Mairs and Power (Financial Services, 11-50 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use it so people can click on messages to let us know if they are spam or threats. We've done extensive cybersecurity training with our users so it's been helped extend that. People are pretty good with it. Once in awhile we have a clean one that looks sketchy but I just send those back.
Pros and Cons
  • Lets the user know that the message has been sent to KnowBe4 and IT
  • Gives me a score on what they think the message is (clean, spam, threat)
  • Pulls message out of others inboxes
  • Might be nice to give users scores on how accurate they are with using it
  • It would be nice if it recommended certain messages if someone didn't check it
Likelihood to Recommend
Love that it keeps users involved with cybersecurity. Microsoft's email filters haven't been top notch so this really helps us rid the company of threats.
December 18, 2023

A great help to skeleton crew IT departments!

Verified User
Manager in Information Technology
Automotive Company, 51-200 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
PhishER is used to automate the detection, response, and remediation of phishing emails as well as triage messages in general. It automates the process of breaking down the email headers and makes a MUCH faster and simpler response for a small IT department.<br><br>PhishRIP and PhishFlip are superb addons that allow us to scan our entire Exchange 365 environment for other copies of phishing mail and instantly purge them from other user's mailboxes that haven't reported them yet - and then turn around and use that very message as a training template with KnowBe4 to test users.<br><br>We can automate processes, scanning, detection, message flagging, and alerting from PhishER - it takes a bit to get set up well, but then it's cheaper than an FTE being hired on to help manage it all!
Pros and Cons
  • automated message header decoding
  • remote removal/deletion of phishing mails from entire mail environment
  • fast and easy false positive/clean identification
  • easier customization of automation rules
  • better end-user feedback to message submitter of submission status
Likelihood to Recommend
Small IT department use is great as it can be quite set-and-forget and saves money versus hiring.

Anything less than 10 users submitting messages to PhishER, and it's probably not worth the cost of the subscription in comparison to 1:1 communication.

If you have an email system that it doesn't tie well with, it'll be more difficult to get the really really nice integrations working in a way that truly saves time/effort/money.
December 18, 2023

PhishER saves time and reduces risk

Verified User
Manager in Information Technology
Online Media Company, 201-500 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
This is a great tool for automatically handling phishing emails that users report via the Phish Alert button that PhishER adds into the GMail client. We have set up processing rules that automatically remove the reported email from all other users' mailboxes when PhishER is confident the reported email is actually a phish. For emails that it's not certain about, there's a simple web portal flow that lets admins check the email, mark it accordingly, and run the remove-from-mailboxes action as needed.
Pros and Cons
  • Automates handling of reported phishing emails
  • Allows admins to check what's been done
  • Allows admins to manually handle emails the AI isn't sure about
  • The workflow for manually handling phish removal from all mailboxes is a bit "clicky"
  • Web UI can be a little slow
  • PhishER Plus (the shared blocklist) doesn't support GMail, only 365
Likelihood to Recommend
Automated handling of reported phishing emails is great when the tool is certain it's a phish and admins can set the threshold for that certainty.
Manual handling of the remaining reported phishing emails is a bit slow and "clicky".
December 18, 2023

Quick Thoughts

Chris Ericson | TrustRadius Reviewer
Chris Ericson
Technology Director
York public School (Education Management, 201-500 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
To evaluate potential email phisha attempts and quickly remove from others inbox before being read. Also used to flip to a simulation
Pros and Cons
  • Clean Users Inbox from threats
  • Alerts me in a timely manner
  • Scans
  • Simply use even more
  • Continue follow up training
Likelihood to Recommend
I like that even though I don't have a complete comfortable grasp of the platform, how quickly I can remove mass emails from users spread across to our organization
December 18, 2023

Catch Fake Emails with PhishER!

Verified User
Technician in Information Technology
Construction Company, 51-200 employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
PhishER is one of the primary tools we use to combat phishing emails and users potentially getting viruses. We do our best to train our users to click on the PAB (Phish Alert Button) whenever they see a suspicious email. We stress security by using 2FA, changing passwords on a regular basis, and teaching people to "think before they click".

We've got great buy-in from most management regarding issues like this as well. The best part of the software is being able to run queries on submitted emails and then quarantining and deleting said emails.
Pros and Cons
  • Allows the removal of Malicious Emails
  • Groups similar emails into categories for email reporting
  • Also allows you to see who has submitted the most phishing/spam/clean emails within reports.
  • GUI Based search rules, the current way to create rules for specific the current way to create a rule is using "yara" conditions, which for someone that is not familiar with them can be cumbersome.
  • A wider way to find similar messages. Currently you have to choose from 2 of 5 options, and you don't always find malicious emails when using just subject/sender (when the sender is clearly the same for a targeted phishing campaign).
  • SOMETIMES the speed with which a submitted email hit's the PhishER Inbox can be longer than I would like (closer to an hour) and others it is within seconds.
Likelihood to Recommend
It does everything we've asked to do of it. There are numerous instances of us being able to find a phishing campaign where someone sent 30-50 emails to our company and being able to remove them from inboxes before someone takes any action on them. Whenever I see a large amount of emails quarantined and deleted it actually makes me feel happy (weirdly enough).
December 18, 2023

New Product. Still getting up to speed. Huge potential.

Adam Kuhn | TrustRadius Reviewer
Adam Kuhn
Director, IT
FIA (Non-profit Organization Management, 51-200 employees)
Score 2 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
My goal was tight integration with Microsoft 365 and quick blocking of phishing campaigns. Previously, blocking was a manual process, but with KnowBe4 PhishER - I wanted reporting of real threats to trigger protective action.
Pros and Cons
  • Integrate with M365
  • Integrate with KnowBe4 Phish Reporting
  • Provide feedback to staff
  • Setup of rules and actions is still a little confusing.
  • I don't want to create too much traffic for the end user - need to tweak.
  • I still want to see what users are submitting - a little tricky to figure out, but getting help.
Likelihood to Recommend
I've unfortunately had to downgrade my recommendation. I think the product hasn't been refined yet. By crowdsourcing anti-spam services, you end up with a system that flags legitimate email as high-confidence phishing messages. Defender users are no longer allowed to release their own quarantine items. Thus, the end result is a huge burden on IT to release legit messages.
September 22, 2023

KnowBe4 PhishER is the BEST product available

Verified User
Manager in Customer Service
Consumer Electronics Company, 51-200 employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We were looking for a way to ensure all employees are up to date in all of the security trainings to help keep our competitive advantage. KnowBe4 PhishER has enabled us to keep automated track of who has taken what training seamlessly and efficiently. We really enjoy the content of the courses and the flexibility of training.
Pros and Cons
  • Training content is well crafted and professional
  • Reporting is quick and easy
  • They make learning fun and entertaining
  • Too many videos/training videos are released at once
  • Inside Man has been going on tooooooooo long
Likelihood to Recommend
KnowBe4 PhishER is great for all sized companies and is very easy to use. We are a smaller company and it works very well here. I can see this fitting into any sized company and adding immense value to their organization
August 24, 2023

KnowBe4 PhishER is a good tool at a good price

Verified User
Manager in Information Technology
Computer Software Company, 51-200 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
KnowBe4 PhishER feature is a good tool because it puts a lot of automation into the process to where it saves us time. With our previous product, it was very manual and time consuming. KnowBe4 PhishER lets us create rules and can automate tasks that save us time. The PhishRIP function is great because it can proactively go back and remove emails from ones already delivered to inboxes.
Pros and Cons
  • Automation
  • good detection rules
  • ability to integrate with o365
  • support is very good
  • Since we are new to the product, I do not have anything for this option.
Likelihood to Recommend
Being in the Cybersecurity field, there is always to much work to do. This tool helps free up time for me and the team so we can concentrate on other safety aspects. The tool is fairly easy to setup and use. Unlike most companies, KnowBe4's documentation is extensive and detailed.
August 24, 2023

KnowBe4 PhishER does the job with a valuable product and superb support!

Verified User
Manager in Information Technology
Banking Company, 201-500 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use KnowBe4 PhishER to help staff determine if certain email messages are legitimate, spam or malicious in nature. We also use it to track the number of messages that employees click to report as possible malicious or spam messages.
Pros and Cons
  • Assist the InfoSec team in determining if a message is legitimate or not.
  • Easy was to read headers and raw data of messages
  • Automation of determining if a message is legitimate.
  • Setting up initial settings can be daunting without their support
  • The Search query can be difficult to learn until you gain the experience
  • Determining how to setup automatic messages back to employees initially
Likelihood to Recommend
In my opinion, if your IT department does not have individuals that have specific knowledge in determining the legitimacy of email messages, KnowBe4 PhishER will be a great asset to your organization. It takes the guesswork out of issues.
August 24, 2023

Great product for Phishing remediation

LE
Logan Estes
Cyber Security Training Specialist
Mascoma Bank (Financial Services, 201-500 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
KnowBe4 PhishER helps to address the constant influx of reported phishing emails that our end-users are exposed to. KnowBe4 PhishER allows for our technicians to rapidly respond to these reports to investigate and automate actions to help protect our end users from malicious emails.
Pros and Cons
  • Automation
  • Email details
  • Integration with other APIs
  • Further customization of auto-actions would be beneficial
Likelihood to Recommend
I think KnowBe4 PhishER is a perfect soluation for organizations that receive a great deal of phishing emails but do not have the manpower to address all of the reports coming in from end users.
August 07, 2023

PhishER is wonderful

MC
Marlana Collins
IT and Facilities Operations Manager
West Cecil Health Center (Hospital & Health Care, 51-200 employees)
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use PhishER for the Phish Alert Button that we were able to add to email. This has helped immensely with employees being able to report it with that button instead of forwarding any email to IT. The dashboard features for PhishER are nice and it will automatically run a virus report on any attachments or links in the email.
Pros and Cons
  • Phishrip
  • Email and attachment scans
  • Able to set up rules very easily
  • More integration with Gsuite
  • Creating blocklist for Gsuite
  • Rooms section on the dashboard is slow to load
Likelihood to Recommend
PhishER has been a wonderful tool to implement for staff to report emails. I have no complaints. Staff has been able to adapt to it very easily with the phish alert button. Communication using the message feature when reporting has been very helpful as well. PhishER is pretty accurate with their scans on the email links and attachments.
August 04, 2023

KnowBe4 PhishER makes phishing email remediation a breeze

Verified User
Manager in Information Technology
Information Technology & Services Company, 51-200 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We primarily use KnowBe4 PhishER to perform remediation and forensics on phishing emails in our organization. KnowBe4 PhishER gives us the ability to easily analyze emails, headers, and also strip the malicious content from emails as well as remove similar emails from our entire org's email servers. Automated remediation is our biggest use case.
Pros and Cons
  • Email forensics
  • Automated remediation
  • Converting real phishing emails into test emails
  • Navigation and UI can be a little clunky to use
  • Better training on usage
Likelihood to Recommend
I think KnowBe4 PhishER is good for smaller teams that want an easy way to analyze and remediate phishing emails in an organization. It is plenty capable and the machine learning is mostly accurate. There is no active scanning of emails since users need to report these emails, so it will not replace an email protection service. But it is nice to be able to flip real phishing emails and be able to use them as phishing test emails.
Return to navigation