Hello, SecurityIQ users!  As our dev team (Dave and Justin) continues to enhance our cloud-based security awareness education platform, I thought you all would like to know about some of the changes and upgrades available to you on SecurityIQ.

Here’s this week’s update:

  • Phishing Reports Now Include “Avoided” – We now summarize and graph all the times when learners avoided our phishing attacks (the green area below).
  • Simplified Home Page Signup – We brought the highly popular (a 30% signup rate!) home page layout from Phish.io over to SecurityIQ.
    •   
  • New Page to Add/List/Delete Learners – Users may now directly add, list and delete learners on the new “Learners” page. The Learner Groups page has been moved to a “Groups” entry on the “Learners” drop-down, and it is no longer necessary to add learners through the “All Learners” group.


  • Users’ Employees Can No Longer “Unsubscribe” – We changed the way “unsubscribe” links on phishing emails work so that our paid subscribers can prevent their employees from “unsubscribing” from future phishing tests.  However, people targeted at non-work email addresses and anyone targeted by a Free Plan user can still unsubscribe at any time.  (This is important because it keeps us off “spammer” lists.)
  • Campaign Delete – You can now delete campaigns.  Deleting a campaign will also take all its associated history with it and free up any associated learners (so you can delete those too).

Security Awareness

  • Custom “Subdomains” in Phishing Template “From” Addresses – You can now configure your phishing templates to send from “cancelled@accounts.payable.phish.io” and other emails that use long subdomains (e.g., the “accounts.payable” part).  Also, the list of domains (the “phish.io” part) will continue to grow over the next few months as we start to register more domains for our customers to use.


  • Improved Campaign Wizard – The campaign Wizard includes several new features that make it much easier (and forgiving) to use.  These include:
    • A “back” button that lets people change their minds about what to send, who to send it to or what to call it before they submit their campaign (rather than abandon the Wizard)
    • “How many are in there” counts on courses, batteries and learner groups


    • Automatic calculations on the final step that help people understand how many emails, how many notifications, how much training, etc. (and how many “Sends” for Free Tier users) they just set up

  • Integrated PhishSim Tutorial – A new step-by-step tutorial teaches prospects what campaigns are used for and how they can set up their first PhishSim campaign.

  • PhishSim “Bot” Learners – Prospects and customers who aren’t ready to target real people with their PhishSim campaigns (which is most of them) may now choose to target one of three groups of 500 simulated “bot” learners.  Bot campaigns run quickly (e.g., 3 day runs) and bots automatically get phished or detect phishing attempts, so prospects can quickly build up a phishing history in their reports with bot campaigns.  (The new tutorial sets up a PhishSim bot campaign for this exact reason.)


  • Daily Phished Notifications – We have replaced the instant “person got phished” notifications with automatic daily summaries that list everyone who got phished and what template got them to click.  These notifications will hit prospects who went through the PhishSim bot tutorial at least three times and probably more. (In fact, we added this feature in time for bot campaigns to avoid sending dozens of emails to each prospect.)

If you have any questions, please feel free to write us in the comments section!