G DATA Phishing Simulation

As images from external links can also be loaded into emails, the automatic download of images should be switched off in every e-mail client for security reasons. In most e-mail programs (e.g. in Outlook) this is already preset.

Some users, especially those who receive images frequently for work-related reasons, may find this additional overhead too much. They may then come up with the idea of switching this automatic download on again. You can check before the campaign whether this has been done in your company.

Our servers for the phishing simulation campaigns cannot distinguish whether the image was downloaded automatically or manually by the user.

If you notice in the report after the campaign that a large number of phishing emails have been opened, it may be because this blocking function was not activated. This should always be checked.

Due to the large number of possible mail clients, it is not possible for us to list all settings. In Outlook, you can find these functions in the Outlook Security Center (Trust Center):