Skip to content

Phish Threat

Phish Threat lets you test your users' response to phishing campaigns.

Sophos Phish Threat allows you to simulate phishing attacks and assess how your users respond to them. It also allows you to distribute anti-phishing training to your users.

To use Phish Threat, do as follows:

  1. Sign in to Sophos Central.
  2. Go to My Products > Phish Threat.
  3. Verify your domains. You must do this to use your users' email addresses in simulated phishing campaigns.

    You must be a Super Admin to verify your domains.

  4. Create a simulated phishing attack campaign or series. See Campaigns.

  5. Review your campaigns and their results. See Campaign overview.


Phish Threat is supported on Google Chrome. We recommend that you always run an up-to-date version.