Yes, you can enable the Campaigns module to automatically follow up any phish clickers by sending another simulated phish email or assigning a dedicated training course using the Phish Remediation functionality.

Before Enabling Phish Remediation

• Create your follow-up course or phish using the standard methods.
• Ensure Manage in Campaign is enabled for the content.

Setting Up Phish Remediation

• Once the Phish Remediation content has been prepared, navigate to Campaigns.
• Add the initial phish as a new step to your Campaign.
• Once added, select the Cogwheel icon and click Phish Remediation.
• Switch Add Phish Remediation to On to enable remediation options.
• Determine whether phish clickers should receive a Training Course or a further Simulated Phish.

To Follow Up with a Training Course:

• Select the preset course you created earlier from the Select Remediation Course drop-down.
• Specify the number of days after the click when the course should be assigned.
• Edit the Email Notification if required; this email will inform clickers about the course.

To Follow Up with a Simulated Phish:

• Select the preset phish you created earlier from the Select Remediation Phish drop-down.
• Specify the number of days after the click when the phish should be sent.
• Once configured, click Save Changes.

Final Steps

• Return to the Campaign and set the date and time for sending the initial phish to all targeted users.
• Choose whether to Stagger the phish delivery.
• Review the Phish Step settings for accuracy.
• Select Publish Changes to update the Campaign and schedule the initial phish.

⚠️ Important

• Only phish clickers will receive the remediation course or phish.
• Remediation content is sent based on the days selected during setup; emails are typically sent at 12:30 PM.
• Standard reporting is available to track phish and course activity. Additional reports may be added in the future.
• Ensure proper allowlisting and checks are in place.
• If third-party software scans or interacts with the initial phish, it may register as a click, causing the user to receive remediation even if they did not physically interact with the email.