How do you track when learners open or click in a phishing email?




How do you track if someone "Opens" an email?


We track email opens by including a tiny, invisible tracking image in every email we send. When the learner’s email client loads that image, we know the email was opened.

Note: If the learner’s email client blocks images or doesn’t load them automatically, we won’t see the open. This will register as an "Assumed Open."

What does "Assumed Open" mean?


This “Assumed Open" means the learner likely opened the email, but the system could not definitively track the open due to images being disabled or the email being viewed in a preview pane.

Need more info? Visit our Troubleshooting Guide: Report shows a Hollow "Assumed Opened" icon.

What counts as a click?


A “Click” means the learner actively clicked a link in the phishing simulation email. Previewing or opening the email without clicking will not count as a click.

Why are some open or click numbers higher than expected?


Seeing an unusually high or 100% click rate in your phishing campaigns? It’s likely due to false positives. This often happens when links are "clicked" by automated systems (like spam filters, antivirus software, or security scanners) rather than actual users.

Need help fixing false positives? Visit our Troubleshooting Guide: How to Fix False Positives ( 100% Click Rates)

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us

Related Articles