Must have solution for building security awareness, building a process for staff to report phishing emails, & equipping security / IT staff to respond to reported phishign emails.
December 27, 2023
Must have solution for building security awareness, building a process for staff to report phishing emails, & equipping security / IT staff to respond to reported phishign emails.
Score 10 out of 10
Vetted Review
Verified User
Overall Satisfaction with KnowBe4 PhishER
Our primary use of KnowB4 PhishER is as a reception center for potential phishing emails received by our staff. It helps us analyze information about the email to determine whether it is is a threat or not, if so then pull the emails out of everyone's inbox, & block the senders. We also have the PhishER+ add-on which proactively blocks known malicious sender, links, & files.
The problems we are solving with PhishER are having a better system for staff to report potential phishing emails than writing emails to me & it also gives me better tools to evaluate the threat of reported emails.
The problems we are solving with PhishER are having a better system for staff to report potential phishing emails than writing emails to me & it also gives me better tools to evaluate the threat of reported emails.
- Phish Alert Button is easy for our staff to use & it is being used frequently
- The ML, AI, & VirusTotal analytics on reported emails are very helpful in evaluating whether an email is truly a threat or not
- The Phish RIP feature is useful for pulling phishing emails out of other staff members inboxes when a phishing email went to multiple people but not everyone reported it
- PhishER+ is a great proactive tool for keeping out known threats
- PhishRIP is successful at pulling most emails out of inboxes but sometimes it is not despite running the query in multiple ways. I will run a message trace in Microsoft Exchange & find 10 emails but then sometimes I am only able to find 8 to delete w/ PhishRIP. If it could somehow integrate with Microsoft Exchange Message Trace to make it easier to pull them all that would be helpful
- I would like to see a way for staff to report Smishing messages from their phone
- For PhishER+ I would like to the option for entries onto the BlockList to remain permanently. I know there is a limit to how many can be added but that limit is being increased. In Microsoft Blocklist if you manually add one you have the option to have it never be removed.
- It has greatly increased phishing / security awareness by our staff by having a designated button & process for reporting phishing emails
- It provides greater protection through the ability to delete emails from multiple recipients even if not all of them reported the email
- It saves time for me to have to evaluate whether or not an email reported is a real threat through the ML/AI/VirusTotal scores
Yes we use the automated actions feature so that emails that are found with a high confidence to be "Clean" or "Spam" & not "Threat" are automatically resolved with an email automatically sent to the reporter notifying them of the findings. There is also an automated email sent to me in additional to the initial report letting me know if the email is found to be threat with high confidence that provides me the sender email address so I have it to block right away. This saves me time from no longer having to email reporters when the email is safe or just marketing spam.
All of them.
We have a more efficient process for receiving & responding to reported phishing emails. We have not have not had a breach since we started using KnowB4 a couple years ago. We have used PhishFlip to take phishing emails we have been receiving most often & then turn them into testing templates to greatly increase the awareness of these particular threats we are receiving amongst our staff so that everybody truly knows that the particular theme is a scam/threat.
I was not involved in selecting KnowB4 as our phishing solution I am not aware if we considered any other options. I know Microsoft Defender has it's own simulated phishing system but I have not researched it or used it much nor am I interested in doing that. KnowB4 Customer Success & Support is excellent. My experience with Microsoft Support has been the complete opposite so I am not interested in using them more than I have to.
Do you think KnowBe4 PhishER/PhishER Plus delivers good value for the price?
Yes
Are you happy with KnowBe4 PhishER/PhishER Plus's feature set?
Yes
Did KnowBe4 PhishER/PhishER Plus live up to sales and marketing promises?
Yes
Did implementation of KnowBe4 PhishER/PhishER Plus go as expected?
Yes
Would you buy KnowBe4 PhishER/PhishER Plus again?
Yes