"But, But, But... I Didn't Click!" False Positives In Phishing Tests



The following question was posted in the SANS Securing The Human forum. I thought it was a very good point and asked our VP Product Greg Kras for his perspective. First the question:

But I didn't click! Our vendor for phishing assessments uses a custom link for the recipient. It works well except when the recipient forwards the email and someone else clicks on the same link. Can you share with me if you use a different type of tracking mechanism to reduce false positives?

Greg answered:

"The same thing would happen with our platform; you would only know to whom the original email was sent and not necessarily who was the actual clicker. However, what we do have that mitigates this problem is our Phish Alert Button (PAB), which is an add-in for Outlook/Office365 (soon Gmail & Lotus).

"This button is designed for a controlled method of reporting phish emails that ensures that the messages go to the right team and include all of the important information such as original headers. The PAB detects if the message is a simulated phish and lets the user know upon submission that it was simulated, deleting the message and not forwarding it to the incident team."  


Free Phish Alert Button

When new ransomware campaigns hit your organization, it is vital that IT staff be alerted immediately. One of the easiest ways to convert your employees from potential targets and victims into allies and partners in the fight against ransomware is to roll out KnowBe4's free Phish Alert Button to your employees' desktops. Once installed, the Phish Alert Button allows your users on the front lines to sound the alarm when suspicious and potentially dangerous phishing emails slip past the other layers of protection your organization relies on to keep the bad guys at bay.

Get your Phish Alert Button

Don't like to click on redirected links? Cut & Paste this link in your browser:

https://www.knowbe4.com/free-phish-alert? 

 

