On a phishing email, what registers a Word document attachment as ‘opened’?

When a Word document attachment is included as part of a phishing email, it will appear as a standard Word attachment to the user.

  • Once delivered, the user will be asked to open the attachment and to click on Enable Editing to view the content of the document. 
    • This action must be completed for this to reflect as an 'open' in Reporting.

Word_doc_1.png

word_doc_2.png

  • If the above steps have been completed, the user will then be presented with the standard Learning Experience.

uh_oh.png

Note: This Learning Experience is the default for the Word document attachment and cannot be changed. You are still required to select a Learning Experience to continue.

If a user clicks on the link within the body of the email, but not on the attachment itself, they will be directed to the chosen Learning Experience and not the standard Learning Experience shown above.

Back to all articles