PhishEye Risk Manager

Support Desk
  • Updated
Follow

This article guides you through the steps for using the PhishEye Risk Manager. This feature provides detailed insights into each recipient, including the emails they have failed, the difficulty level of those emails, the types of failures, and whether or not they reported the phishing attempts. All of this data contributes to a total score, known as the Risk Score, within the Phishing Tackle platform.

Each recipient within the Risk Manager can have associated information such as their first name, last name, department, division, position, location, and manager details. This data can be automatically synchronised using integrations with Azure or Google, or it can be uploaded manually via a CSV file. The information displayed on the PhishEye Risk Manager page is updated daily at 01:00 AM GMT.

How to access PhishEye Risk Manager
Risk Manager Location on Platform.png

  1. In the left-hand column, locate PhishEye Risk Manager. You can then click Recipient Risk to view individual user data, or select Risk Parameters to see how the risk score is calculated through defined key parameters.

Recipient Risk

Recipient Risk.png

  1. Place - This column lists recipients in order of highest to lowest risk, as calculated by the Risk Score (1 being the highest risk).
  2. Risk Level - The Risk Level column Indicates whether a recipient is at high, moderate, or low risk.
  3. First Name - The first name of the recipient.
  4. Last Name - The last name of the recipient.
  5. Email Address - The email address of the recipient.
  6. Risk Score - This score is calculated based on the number of failed emails, their difficulty, the type of failure, and whether or not the recipient reported them. For further details on how the Risk Score is calculated, click here.
  7. Training Score - This score is independent of the Risk Score. It reflects the percentage of training completed. The higher the percentage, the more courses the recipient has completed.
  8. Breach Score - An overall score representing the number of breaches associated with each recipient.
  9. Phishing Profile - This column visually represents:
    • Red dot – Emails failed.
    • Grey dot – Emails not interacted with.
    • Green dot – Emails successfully reported.
  10. Position - Displays each recipient's job title, e.g., Manager, Supervisor, or Front of House.
  11. Department - Displays the department each recipient belongs to, e.g., Finance, Support, or Front Desk.
  12. Location - The geographical location of the recipient.
  13. Manager Email - The email address of the recipient’s manager.
  14. Show last campaign failures only - Selecting this will download a list of recipients who recently failed phishing simulations.
  15. Download Data - Exports all data visible in the 'Recipient Risk' section.

Risk Parameters
Risk Parameters.png

The Risk Parameters section allows you to view key scoring elements, including event-level scoring, temporal decay, and score interpretation. You can view more information about each parameter by selecting the green plus icon.

The default parameters can be adjusted to better suit your organisation’s needs or to provide clearer insight into how the risk score is calculated. Note: If you make any changes to the parameters, you must click Save Parameters before selecting Recalculate Risk.

To revert to the original settings, click the Restore Default Values button at the top right of the page, located between the Recalculate Risk and Save Parameters buttons.

Risk Parameters - Recipient Weighting

The Recipient Weighting section allows you to adjust how much influence a recipient’s role, department, division, or location has on their overall risk score. This is done by applying a custom multiplier to specific fields, helping you tailor risk scoring to reflect organisational priorities or exposure levels.

  1. Navigate to the Recipient Weighting section in the PhishEye Risk Manager. Click the + Add New Multiplier button at the top right of the page.
    Recipient Weighting.png
  2. In the input fields provided:
    • Description – Enter a short name or label (e.g. Finance).
    • Field – Choose the relevant field (e.g. Department, Position, Division, or Location).
    • Risk Score Multiplier – Enter a multiplier value (we recommend using a range between 0.7 and 1.3).
      Recipient Weighting input details.png
  3. Click 'OK' to apply the multiplier.
  4. To edit an existing entry, click the dropdown arrow next to it and select Edit Weighting. To delete a multiplier, click the dropdown arrow and select Delete Weighting.
    Recipient Weighting Edit and Delete.png

Risk Parameters - Analytical Framework

The Analytical Framework explains how the PhishEye Risk Score is calculated for each recipient using a combination of event-based actions, email difficulty, time decay, and defined thresholds. This ensures that the Risk Score reflects not just user behaviour, but also the severity and timing of their actions.

All actions are scored, adjusted for difficulty, and decayed over time, then summed into a raw risk score. This score can be further refined using multipliers based on job role, department, or location. Final scores are grouped into Low, Moderate, or High Risk based on defined thresholds. It’s important to note that the Risk Score is a guide to help identify users who may need additional support. It should always be interpreted alongside human judgement and organisational context.

Analytical Framework.png

 

Please let us know if you require any further assistance, you can contact our support team by clicking here. Or by sending an email to support@phishingtackle.com

Related articles