Skip to main content
Skip table of contents

Simulation overview metrics

Click rate

Definition

Percent of emails successfully sent where the user clicked on an element in the email.

Calculation

Click count / Sent mails count

Impact

This is one of your key metrics. Clicks on real phishing emails are usually where the danger starts. The lower this rate is, the better your users are at identifying threats.

simulation-clickrat.png

Interaction rate

Definition

Certain simulated phishing mails direct the user to a landing page when they click on a link. This metric represents the percentage of these emails where a user interacted with the landing page compared to the overall number of this type of email that was sent and clicked.

Calculation

Interaction count / Landing page visit count

Impact

This is another key metric that should be as low as possible. While opening a link from a phishing email represents a certain threat level (see click rate) interacting with such a page is even more dangerous. Note that not all simulated phishing mails feature a landing page, so the absolute numbers are going to be lower.

simulation-interactionrate.png

Reporting rate

Definition

Percentage of emails successfully sent where the user reported the email using the Phishing Report Button.

Reported external emails

The count of emails reported via the Phishing Report Button that were not part of a SoSafe simulation campaign.

Calculation

Reported count / Sent mails count

Impact

This metric represents your organization’s reporting culture. The higher, the better. Not falling for phishing mails is great, but actively reporting them is even better since it can help your Security Team to identify and prevent attacks. Often, real phishing mails do not just target a single employee, after all.

simulation-reportingrate.png

Share of emails sent

Definition

The percentage of all emails planned in the campaign that have actually been sent

Error rate

The percentage and number of sent emails that were rejected by the mail server.

Calculation

Emails sent / Emails planned in campaign

Impact

Think of this as your campaign progress. If you’re at 0%, no simulated phishing mails have been sent as part of your selected campaign. The error rate is helpful to determine if there might be an issue with your Whitelisting settings or other technical issues.

simulation-sharesent.png

Open rate

Definition

Percent of emails successfully sent where the user downloaded the tracking pixel in the email.

Calculation

Open count / Sent mails count

Impact

This metric is difficult to evaluate without context. An email counts as “opened” when the tracking pixel we include is downloaded. If automated image downloading is disabled in your organization, this KPI will underreport how many simulated phishing mails were actually looked at.

simulation-openrate.png

User group breakdown

This chart provides an overview of the most important metrics (click rate, interaction rate, reporting rate and open rate) broken down by your user groups. You can use the filter at the top to only look at specific user groups and also change the sorting in the dropdown right next to it.

Impact

This chart is a powerful tool to help you figure out which departments need to improve in which area. Use this information to address specific weaknesses in your security culture.

simulation-breakdown.png

click to see the full-size screenshot

Reply rate

Definition

Percentage of emails successfully sent where the user replied to the email. This does not count automatic replies such as out of office replies.

Calculation

Reply count / Sent mails count

Impact

In real phishing attempts, email replies are often the starting point for cyber criminals to launch complex social engineering attacks. You want this rate to be as low as possible since any reply to real phishing emails is dangeorus.

simulation-replyrate.png

Learning rate

Definition

Certain simulated phishing mails direct the user to learn more about phishing when they click on a link. This metric shows the percentage of effective learning page visits (counted once users read at least 2 explanatory texts) compared to the total number of simulated phishing mails with such learning pages.

Calculation

Learning count / Learning page visit count

Impact

A lower absolute number is good because it means there are few instances of users clicking on a simulated phishing mail link. However, a high percentage means that users are motivated to take the opportunity to improve their phishing detection skills.

simulation-learningrate.png

Mobile rate

Definition

Percentage of emails clicked where the user was using a mobile device.

Calculation

Mobile count / Click count

Impact

This metric shows how common mobile device use is for viewing emails. This is not inherently relevant for security, but can give you valuabe insights into user behavior.

simulation-mobilerate.png

Using multiple tenants? Select the expand below this box to learn how these metrics are affected

Multi-tenant behavior

For all above metrics, multiple tenant views will simply combine the events from all included campaigns.

 

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.