During a simulated phishing campaign, recipients may contact you, their IT/Security contact, directly with questions regarding simulated phishing emails.
To measure recipient-email interaction levels accurately, it is important not to raise suspicion among other recipients, this way everyone is tested individually and effectively.
Responding to recipients during simulated phishing campaigns
We recommend the following course of action should a recipient contact you with questions about a suspicious email.
Recipient contacts you once - Ask them to forward you the email as an attachment, or use the dedicated Phish Hook button (if in use), and let them know you'll look into it.
- If they use the Phish Hook button on a simulated email, no further action is necessary.
- If they forward the email as an attachment; within the email headers, check the Message-ID ends with "@mail.tacklephishing.com". This confirms it is a simulated message from Phishing Tackle and not a real phishing email.
- There are plenty of online email header analysing tools to simplify this process if necessary.
- For further verification, see our Technical Information.
- Do not click the link(s) within an email as the email is linked to the recipient and will count as a failure on their behalf.
Recipient contacts you a second time - Let them know you've checked into their email account and everything is OK.
Recipient contacts you a third time - Let them know the email was part of a simulated phishing test and not to alert their colleagues.
If you require any further assistance, please contact our support team by clicking here.