At risk users
This report lists users who are most at risk.
This option is only available with an Email Advanced license.
Go to Logs & Reports > Reports > At risk users.
This report uses information from the Time of Click URL Protection and Impersonation Protection features.
If you have domains connected with Sophos Gateway and Sophos Mailflow, click Type to select which one to view.
Details for the last 30 days are shown by default. See Impersonation Protection and VIP Management.
At risk users uses interactive reporting.
You can come to At risk users from the Time of Click Summary report, by clicking a number in Clicks Warned or Clicks Blocked. If you do this, the category you clicked is used in At risk users. The time period you selected in the Dashboard or in Time of Click Summary is also used.
In At Risk Users you can click a number in Risk index to go to the At risk user report for that user. You can then click on a subject line to see more details about the threat.
To educate high-risk users there are direct links to Phish Threat training from the report. The Phish Threat campaign wizard automatically includes the at risk users for the date range you have selected. You can also add and remove users manually. See Create a Phish Threat Campaign.