Get instant support with our search!
How is a user's IP address tracked within phishing simulations?
We use IPAPI, a third-party provider, to capture the source IP of the user. For an IP to be tracked, the user must reach our landing page. This occurs when they fall victim to a phishing simulation and are taken to the landing page to view a policy, survey, or Learning Experience.
We have investigated the reliability of IP capture and have been advised that several factors may prevent an IP address from being recorded. These include:
- Firewalls
- Browser extensions
- Use of an incognito/private browsing mode
Anyone who clicks on the phish should have their IP tracked unless one of the above factors is blocking it.
Actions that count as a click include:
The following actions are considered a click for tracking purposes:
- Clicking a link within a phishing simulation
- Opening an HTML attachment in a phishing simulation and enabling macros
- Scanning a QR code included within a phishing simulation
⚠️ Please note:
- Opening a Word attachment alone will not populate an IP address. An IP is only captured when the end user proceeds to load the Learning Experience.