Solved

AutoPilot - Can We Edit Training Emails?

  • 7 September 2022
  • 6 replies
  • 79 views

Userlevel 7
Badge +5

Hi there!

We’ve been testing Autopilot internally and really like it so far!

The only complaint I’ve gotten so far is the training email looks a lot like a phish. Sketchy looking domain, long link of gobbblygook, unsolicited email asking to click something…

This is basically the email we’re training our clients not to click.

Is there any way to customize this email template? Or are there plans to make it look more official?

We are pretty excited about Autopilot, but are hesitant to push the training piece as is. It’s sure to generate a lot of questions from our clients.

 

Thanks!

Matt

icon

Best answer by ggreenbaum 7 September 2022, 23:00

View original

6 replies

Userlevel 2
Badge

Hi @kleinmat4103 , glad to hear you’re enjoying Autopilot. We do plan to implement invite customization.

You make a fair point regarding the security profile for the training invite. However, we do advise customers to ensure target users are properly informed of your training initiative to maximize participation. Accordingly, your target users should know what to look for (sender, linked domains, subject lines, schedule, etc.) in the training invites to ensure they are legitimate.

Effective communication about your training program maximizes compliance and builds the security culture, providing an interface between employees and the security team. This implementation context reflects the reality of implementing any legitimate third party solution, such  as HR and other typical compliance-related products and services.

Hope this helps.

 

Hi @kleinmat4103 , glad to hear you’re enjoying Autopilot. We do plan to implement invite customization.

You make a fair point regarding the security profile for the training invite. However, we do advise customers to ensure target users are properly informed of your training initiative to maximize participation. Accordingly, your target users should know what to look for (sender, linked domains, subject lines, schedule, etc.) in the training invites to ensure they are legitimate.

Effective communication about your training program maximizes compliance and builds the security culture, providing an interface between employees and the security team. This implementation context reflects the reality of implementing any legitimate third party solution, such  as HR and other typical compliance-related products and services.

Hope this helps.

 

I’ve launched the Autopilot program and have notified users beforehand to expect the training invites but they have been so well trained in the past that they now check the email headers and see the following:

Subject: Webroot Training Invite
X-PHISHTEST: This is a test phishing simulation by Webroot
X-PHISH-TEST: This is a test phishing simulation by Webroot

And most concerning of all is this:

Subject: Webroot Training Invite
SPF: PASS with IP 167.89.85.54 Learn more
DKIM: 'FAIL' with domain webroottraining.com Learn more

 

How can a security focused company not pass DKIM?

As such, when my users see this they flag the email as SPAM or just delete it.

Userlevel 7
Badge +5

Hi @ggreenbaum,

Thanks for the response! 

Agreed! Those are all good recommendations. We should and will communicate the training component details and schedule to partners.

That said, there are challenges in communicating these things across dozens of partners in a way individuals will remember.

I think at least a piece of adoption and engagement with training could be making the invite email appear less like a phishing email. Even something in the email noting that it is specifically security awareness training would help. Or using Webroot SAT in the subject, or sending from the webroot.com domain. Really just anything in the email itself that points to its legitimacy.

I’m not trying to be overly critical. This is feedback from our team and from partners we’ve pushed training to in the past. 

I appreciate the work your team is doing to make security awareness training better and easier to manage for MSPs.

 

Thanks,

Matt

Userlevel 2
Badge

@kleinmat4103  thanks for the input, we appreciate it. I’ll pass this along for evaluation by the UX team.

Userlevel 2
Badge

@MrP thank you for noting the DKIM fail. We had previously solved it for that domain but it resurfaced - not sure why, and we’ll continue to monitor. Please check again, we believe the invites once again pass DKIM checks.

 

Thank you. I’ll check on the DKIM status during next month’s Autopilot campaign.

Reply