O365 Phishing test issues

%3CLINGO-SUB%20id%3D%22lingo-sub-1060623%22%20slang%3D%22en-US%22%3EO365%20Phishing%20test%20issues%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1060623%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3EI%20was%20wondering%20if%20anyone%20else%20was%20experiencing%20the%20following%20issue%20with%20the%20%3CSPAN%20class%3D%22oss-tile-title%20ng-binding%22%3ESpear%20Phishing%20(Attachment)%20test%20in%20the%20Threat%20Management%20module%20%3C%2FSPAN%3Eand%20if%20you%20had%20any%20fixes%20or%20a%20work%20around%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIssue%3A%20When%20the%20phishing%20campaign%20is%20sent%2C%20the%20target%20opens%20the%20.doc%20and%20it%20says%20you%20have%20been%20phished%2C%20this%20was%20a%20test%20ect.%20However%2C%20it%20doesn%E2%80%99t%20record%20that%20the%20target%20opened%20the%20attachment%20unless%20the%20target%20clicks%20%E2%80%9Cenable%20editing%E2%80%9D%20in%20the%20word%20document.%3C%2FP%3E%3CP%3EThe%20issue%20is%20when%20most%20users%20open%20the%20document%20and%20see%20that%20it%20was%20a%20phishing%20test%2C%20they%20will%20not%20bother%20clicking%20%22Enable%20Editing%22%20and%20O365%20doesn%E2%80%99t%20record%20it%20as%20being%20opened%2C%20which%20is%20giving%20us%20inaccurate%20results.%20I%20was%20poking%20around%20and%20it%20doesn%E2%80%99t%20look%20like%20there%20is%20a%20way%20to%20change%20the%20attachment%20verbiage.%3C%2FP%3E%3CP%3EI%20would%20like%20to%20hear%20if%20anyone%20else%20has%20experienced%20this%20or%20if%20there%20is%20a%20way%20to%20change%20the%20word%20document%20which%20is%20sent%20to%20the%20targets.%3C%2FP%3E%3CP%3EThanks%2C%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Occasional Visitor

Hello,

I was wondering if anyone else was experiencing the following issue with the Spear Phishing (Attachment) test in the Threat Management module and if you had any fixes or a work around?

 

Issue: When the phishing campaign is sent, the target opens the .doc and it says you have been phished, this was a test ect. However, it doesn’t record that the target opened the attachment unless the target clicks “enable editing” in the word document.

The issue is when most users open the document and see that it was a phishing test, they will not bother clicking "Enable Editing" and O365 doesn’t record it as being opened, which is giving us inaccurate results. I was poking around and it doesn’t look like there is a way to change the attachment verbiage.

I would like to hear if anyone else has experienced this or if there is a way to change the word document which is sent to the targets.

Thanks,

0 Replies