17 years helping Australian businesses
choose better software
Sophos Phish Threat
What Is Sophos Phish Threat?
Part of the Sophos Central security software suite, Sophos Phish Threat is a tool that enables IT and network administrators to simulate phishing attacks to train corporate professionals to protect themselves against real ones. It comes with 60 training modules in 10 languages, each with customizable templates and tools to create convincing lookalikes from scratch. They can be used to create emails, identity harvesting forms, password harvesters, and other realistic-looking devices. Administrators can then import or sync employee contact lists to distribute these mock-ups across the company, monitoring their response reports to determine their vulnerability to real-world phishing campaigns in real-time.
Who Uses Sophos Phish Threat?
Sophos Phish Threat is a phishing campaign mock-up tool developed for the corporate world.
Not sure about Sophos Phish Threat?
Compare with a popular alternative
Sophos Phish Threat
Reviews of Sophos Phish Threat
Excellent Tool for Training
Comments: Sophos is a great platform that offers many important tools and features. The phish threat portal gives IT the ability to track and train users that are haphazardly clicking risky emails and attempting to enter their credentials into risky sites.
Pros:
The Sophos Phish Threat utility allows us to run simulations for user training while making sure that the emails are initiated from outside our organization for a more "real world" scenario. much better than O365 offerings
Cons:
I would like to see more diversity in the email templates offered so that our users do not become aware of what emails are being initiated by a threat campaign.
Sophos Phish Threat: A basic Phishing Simulation Tool, with limitations
Comments: I think in overall Sophos Phish Threat does what it does, but I am fairly disappointed by what they offer. Their setup tutorial for manually changing settings is not good nor bad, but could have some improvement. And the limitations might also be a dealbreaker for more companies who want more freedom in their choice. I think
Pros:
Thanks to our script we have developed we do not have to manually whitelist and configure Office 365 tenants when we want to launch campaigns for our customers. The solution is a multi-language platform which allows users to not only execute for a specific target, but also for multiple countries. This is handy if your business is international and speaks multiple languages.
Cons:
I sometimes struggle with the following limitations: 1. The length of campaigns are too long. Sophos requires you to put the end-date at least 1 month or later, which is not practical if you do a short campaign. 2. The most mails get sent right away and most users are active and read their mail rather fast. So if all mails are sent, opened but nobody clicked the link, then the campaign might be all over in the most cases. In real case scenario's threat actors do not send multiple different emails. They send one and hope someone is clicks through. 3. Sophos selects the mail what is sent so you are not in charge which mail is sent to whom. If you select 5 templates only 1 mail is sent. I really wanted to see that everybody receives all the mails in a timespan between the startdate and enddate.
Es una gran herramienta para concientizar
Comments: Realmente me encanta es un gran producto de buen costo para evitar posibles ataques que puedan ser ocasionados por el el usuario
Pros:
La facilidad de uso y el precio que es bastante accesible
Cons:
Puede traer plantillas adicionales y un poco más dinámicas