Solved

How can we make SAT emails look more legitimate?

  • 22 December 2021
  • 1 reply
  • 56 views

When we send out emails to our staff from Webroot, the emails may contain a link to a training course. Is there any way to make those ugly long links to awareness training courses, less ugly and long? All the best practices tell users to hover over a link before clicking it to see where the link goes. All of our SAT course materials have long hyperlinks that could easily be mistaken for a phishing attempt. I am not sure what the best solution is on your end. For now we just have to tell our staff to ignore all those safety training courses that tell you not to click weird looking links, and trust that this one link is actually a good link. I hate this approach, as it undercuts everything we have been trying to teach these people!

icon

Best answer by ggreenbaum 22 December 2021, 21:11

View original

1 reply

Userlevel 2
Badge

Hi @nateschoonover,

I understand your concern regarding long and cryptic link that is visible on hovering over webroot training invite links.

I think the best approach here is to educate users to look at the domain being used to ensure it is a valid, expected domain for both the sender email address and any links relative to the context of the email and the action being taken.

In the case of the webroot training invite links, you should use a branded, simple domain such as webroottraining.com.

This still isn’t a perfect solution, since many organizations use internal security tools such as secure email gateways which rewrite the links anyway. But between the above guidance regarding the sender’s email address, along with your internal messaging to employees regarding your training campaign, should work together to create a reasonable approach.

Hope this helps.

 

Reply