Catch Fake Emails with PhishER!
December 18, 2023
Catch Fake Emails with PhishER!
Score 10 out of 10
Vetted Review
Verified User
Overall Satisfaction with KnowBe4 PhishER
PhishER is one of the primary tools we use to combat phishing emails and users potentially getting viruses. We do our best to train our users to click on the PAB (Phish Alert Button) whenever they see a suspicious email. We stress security by using 2FA, changing passwords on a regular basis, and teaching people to "think before they click".
We've got great buy-in from most management regarding issues like this as well. The best part of the software is being able to run queries on submitted emails and then quarantining and deleting said emails.
We've got great buy-in from most management regarding issues like this as well. The best part of the software is being able to run queries on submitted emails and then quarantining and deleting said emails.
- Allows the removal of Malicious Emails
- Groups similar emails into categories for email reporting
- Also allows you to see who has submitted the most phishing/spam/clean emails within reports.
- GUI Based search rules, the current way to create rules for specific the current way to create a rule is using "yara" conditions, which for someone that is not familiar with them can be cumbersome.
- A wider way to find similar messages. Currently you have to choose from 2 of 5 options, and you don't always find malicious emails when using just subject/sender (when the sender is clearly the same for a targeted phishing campaign).
- SOMETIMES the speed with which a submitted email hit's the PhishER Inbox can be longer than I would like (closer to an hour) and others it is within seconds.
- It has allowed us to free up time and allow us to focus on other security issues.
- Helps to cut down on the amount of phishing related security issues internally.
- Lets us rest easy when end-users submit emails knowing they're clearly phishing emails.
The service helps us to determine when there may actually be an active phishing campaign going on targeting our company. We have some "basic" rules setup that will allow us to determine when someone submits an email that is SPAM/CLEAN/or a THREAT and we'll take action as needed.
Our organization has implemented PhishML and PhishRIP. Everytime we've tried to implement the blocklist, we wind up getting errors and delays when someone actually submits an email for review to us and we wind up having to reset the whole connection to Office 365. PhishFlip is something that we're still investigating to see if/how that would benefit us internally though.
PhishML is something that helps to automatically determine the confidence of an email. We've had to turn the "clean" confidence down since we saw early on that it was marking threats as clean.
PhishRIP is (in my opinion) the best feature of PhishER. We can run queries on submitted emails and remove them from mailboxes with only a few simple clicks.
PhishRIP is (in my opinion) the best feature of PhishER. We can run queries on submitted emails and remove them from mailboxes with only a few simple clicks.
- Arctic Wolf Managed Detection and Response, BlackBerry Optics (CylanceOPTICS), BlackBerry Protect (CylancePROTECT) and KnowBe4 Security Awareness Training
We chose KnowBe4 based on the variety phish testing templates, variety of training, and ease of use for us as administrators. Plus they present things in a way that a non-technical person can understand when they are taking a training module. The integration with PhishER is a massive bonus as well.
Do you think KnowBe4 PhishER/PhishER Plus delivers good value for the price?
Yes
Are you happy with KnowBe4 PhishER/PhishER Plus's feature set?
Yes
Did KnowBe4 PhishER/PhishER Plus live up to sales and marketing promises?
Yes
Did implementation of KnowBe4 PhishER/PhishER Plus go as expected?
Yes
Would you buy KnowBe4 PhishER/PhishER Plus again?
Yes