Go to Insights to view the Threat Surface Report, which gives you an overview of phishing activity for your customers, their targeted users, and the sources of phishing activity for the last seven days.


You can select targeted users and drill down to the sources of the attack, which can help you identify patterns in malicious attacks. For example, you can see if a phishing email has been sent to all users or if it has been sent to a particular group, such as C-Suite executives. You can also determine if only one user has been targeted in what might be a spear phishing attack.

The following definitions are useful as you consider the data:

  • Emails Analyzed: Total number of emails processed over the last seven days.

For a more high-level view of phishing activity, see the Summary Report, which provides a list of the top targeted users and incident sources.

  • Date Range

  • Customer Table

    All of your customers are shown in the Customer table with those in receipt of the most phishing emails at the top.

    • Customer: Name of your customer.

    • Emails Analyzed: Number of emails analyzed.

    • Incidents: Number of phishing emails received by your customer. You can change the order to list those with the least number of phishing attacks at the top by selecting the arrow below Incidents.

    If you want to select specific customers, you can search for and select one or more customers in the Select Customers dropdown menu.


    You can do the same by selecting customer(s) in the Customer table. To display the results of two or more customers, select those customers while pressing the Control key.

    The Targeted Users table and the Who Attacked Who? table automatically update with the results.

  • Targeted Users Table

    The Customer table and the Who Attacked Who? table automatically update with the results.

  • Who Attacked Who?