Click Report

Joane Bonghanoy
Updated

The Click Report displays your learner's Phishing activity via Baseline, Campaign and Spear Phishing emails. 

 Important

  1. The click-through rate (CTR) is determined by 'unique clicks', which is the first time an employee interacts with a simulated phishing email.
  2. CTR shows in 2 decimal places and quickly shows which learners are engaging with simulated phishing emails.
  3. CTR encompasses various actions performed by the learners such as Clicks, Opened Attachment, Submitted Credential and QR Code included in the phishing simulation email. 

Benefits of the Click Report

  1. It lists the learners who engage with simulated phishing emails
  2. There are a range of filters that can be applied to customise your report
  3. Reports can be downloaded as a CSV
  4. Reports can be extracted Reporting API
  5. Reports can be scheduled for sending via Report Scheduling: Click Report

click5.png

Click Report Definitions

Action

Definition
Opened

When a learner has opened an email.

Note: 

  1. An Open is registered when a transparent 1x1 pixel image embedded in the email is downloaded.
  2. Email clients can prevent images from being downloaded by default. In these cases, if a user or the learner does not opt-in to download images, an open will not be recorded
Clicked Link When a learner has clicked on a link in a simulated phishing email.
Opened Attachment When a learner opens an attachment in a link in a simulated phishing email.
QR Code When a learner scans a QR Code in a simulated phishing email.
Credential Capture When a learner submits log-in credentials or details on the simulated landing page.

How to Run a Click Report

  1. Select Dashboard > Click Report and choose the preferred phishing simulation block (Baseline, Campaign, Spear Phishing). click1.png
  2. Filter from the relevant or preferred fields: click3.png
    1. Date range = desired date range or the dates phishing simulation was scheduled
    2. Segment = Microsoft Entra ID Attributes or Security Group/s synched to Phriendly Phishing
    3. Action = actions taken by learners
    4. IPs = Included IPs means, actions that are reflected in your CTR ; Excluded IPs means actions received but were excluded from your CTR. These IPs are part of our Global Exclusion List
    5. Attachment
    6. Credential Capture
    7. QR Code
  3. After selecting the filters, click Apply Filters button.
  4. The report lists the learner's:
    1. Email address
    2. Zone Name
    3. Segment
    4. Timestamp (time when the action occurred)
    5. Phishing Email (Subject of the phishing email that the learner received)
    6. Name of the Phishing block (Baseline, Campaign, Spear Phishing)
    7. IP address
    8. User Agent's workstation
    9. Attachment (Yes/No)
    10. Credential Capture link (Yes/No)
    11. QR Code (Yes/No)
    12. Action
    13. Excluded (If IP is part of CTR or not ; Yes/No)
    14. Department (if synched to Phriendly Phishing)

  Warning 
If you notice some of the results are not from your organisation this might indicate there are false positives in your data. For more information on false positives, refer to this article. 

How to Download a Click Report

  1. After selecting the filters of the report as documented in How to Run a Click Report, click the Download CSV button.

    click4.png

  2. Below definitions per report
    • Historical Reports = Click Report since account creation
    • Filtered Report = Click Report per current filters
    • Click report by month = monthly click report

Video tutorial: Click Report 

Related to

Was this article helpful?
1 out of 1 found this helpful

Comments

0 comments

Article is closed for comments.