Enabling Auto-Enrollment for High-Risk Targets

This article describes the Auto-Enrollment for High-Risk Targets feature and explains how to configure it.

Overview

The Auto-Enrollment for High-Risk Targets feature automatically enrolls users who fail phishing simulations into remedial training campaigns after a phishing campaign ends. It applies to both ongoing and future phishing campaigns, allowing partners and organizations to quickly address risky behavior without manually creating remedial training campaigns.

How it works

Once a phishing campaign is completed, BullPhish ID identifies the users who failed the campaign. The campaign is considered complete once all training invites have been sent by the Send By Date and all results have been collected over the following three days, through the Close Date. The Close Date field on the phishing campaign’s Details page shows the date and time the campaign ended.

Failing a campaign is triggered by clicking a phishing link, submitting credentials, or both.

A remedial training campaign is then created automatically and the users who failed are enrolled. Email invites are sent immediately in the same language used for the phishing campaign. Each phishing campaign with failed users generates a corresponding remedial training campaign.

A remedial training course is assigned in the same language as the failed phishing test. If no training is available in that language, the course will be provided in US-English. Only global courses are used for remedial training; custom courses are not included.

Remedial training campaigns apply to all current and future organizations by default, but specific organizations can be excluded if needed.

Remedial training campaigns can be accessed on the View All Training Campaigns page. The Type column shows whether a campaign is Remedial or Standard and you can use this column to filter which campaigns are displayed.

Key considerations

  • If no users fail a phishing campaign, a corresponding remedial training campaign is not created.
  • Remedial training campaigns cannot be edited or recreated.
  • Pausing Auto-Enrollment does not affect ongoing remedial campaigns. Individual campaigns can be cancelled or deleted on the View All Training Campaigns page.
  • BullPhish ID and partner global training email templates are provided in multiple languages, with a default template pre-selected for each language.
  • You can preview, edit, or create new templates under Settings > Email Templates by selecting Training Type.
  • To reduce clutter, remedial groups are not created for high-risk users. Users who fail a phishing test are automatically enrolled in the appropriate remedial campaign, and all enrolled users can be viewed on the campaign’s Details page.
  • Data from remedial campaigns will not appear in business reports. For tracking and insights, generate a remedial campaign report from the campaign’s Details page. Remedial training data will be included in business reports soon.

Role permissions

The following describes the permissions granted to each role for the Auto-Enrollment for High-Risk Targets feature and remedial training campaigns.

Role Permissions
Partner Administrator/Partner Agent Full access to configure and manage Auto-Enrollment at both the partner and SMB level.
SMB Privileged User
  • Cannot configure or manage Auto-Enrollment.
  • Has the same permissions as the Privileged User has to a standard training campaign, except remedial training campaigns cannot be edited or recreated.
SMB Standard User
  • Cannot configure or manage Auto-Enrollment.
  • Has read-only access to remedial training campaigns.

Remedial Training Campaigns

When a phishing campaign is completed, BullPhish ID automatically creates a remedial training campaign for the high-risk users who triggered Auto-Enrollment.

Remedial training campaigns are listed on the View All Training Campaigns page along with other training campaigns. The Type column shows how each campaign was created:

  • Remedial: Created automatically for high-risk targets after a phishing simulation.
  • Standard: Created manually by users with the necessary privileges, such as partner or organization administrators.

You can also use the Type filter to display only remedial campaigns.

IMPORTANT  Remedial training campaigns can be canceled, deleted, or resent but cannot be edited or recreated. The steps to cancel or delete a remedial training campaign are the same as for a standard campaign. For details, see the section Edit, cancel, or delete a training campaign in the article "Creating a training campaign."

The remedial training campaign’s Details page includes the following pre-defined fields:

  • Campaign Name: Remedial Training | [date and time of phishing campaign completion].
    Example: Remedial Training | 2025-04-11 14:45:34.561770
  • Phishing Campaign: A link to the phishing campaign that triggered the remedial training.
  • Schedule Frequency: Set to Once by default. Remedial campaigns are not recurring.
  • Start Date: This is the start date and time of the remedial campaign. The remedial campaign begins after the phishing campaign is completed, or on the next business day if Skip Weekends is enabled.
  • Expiration Date: The date and time the campaign will expire. Calculated based on Start date and time and the value selected for Additional Training Course Duration in the Auto-Enrollment modal.
  • Course Name: The name of the course assigned for the remedial training campaign.
  • Sending Profile: The sending profile selected in the Auto-Enrollment modal. All global training email templates provided by BullPhish ID or our partners are available for selection.

NOTE  For details about the View All Training Campaigns page and the campaign Details page, see the article Working with the Training & Awareness Dashboard.

When a user fails a phishing simulation, the system automatically assigns a remedial training course from the training library to help them recognize and avoid similar threats. Courses are assigned starting with the most recent phishing-related trainings, ensuring users receive the most relevant and up-to-date content first.

The same remedial course is assigned to all users who fail the same phishing simulation campaign (test). If a user fails a subsequent test, a different training course is assigned.

Assignment Logic:

  • Course Reassignment Timeframe: Courses already assigned or scheduled within the selected timeframe are not reassigned. The system automatically selects the next most recent course from the training library.
    For example, if the Course Reassignment Timeframe is set to three months and a user has already received "How to Avoid Phishing Scams" during that period, the system assigns the next available course, such as "Smishing & Vishing." This ensures the user receives new, relevant training without repetition, aligned with the type of phishing threats they encountered.
  • Phishing versus other courses: Phishing-related courses are prioritized. After all phishing courses have been assigned, the system may assign courses from other categories, such as compliance. Future phases of this feature will include the ability to select which course categories can be assigned.
  • Language: The system assigns courses in the same language used for the phishing campaign.
  • Active courses only: Only active global BullPhish ID courses are assigned. Partner-created custom courses are excluded.
  • Reassignment after exhaustion: When all courses in the selected language have been assigned within the defined timeframe, the system begins reassigning courses, starting again with the most recent.

There are several Auto-Enrollment email templates available, offering a variety of layouts and formats to choose from. Six versions are available for the Obligatory Remedial Training template and four versions are available for each of the other template types:

  • Obligatory Remedial Training
  • Mandatory Training Assignment
  • Complete Remedial Training
  • Required Remedial Training
  • Mandatory Remedial Training

Each template is named in the following format: Auto-Enroll - Template Name Version Number. For example, Auto-Enroll - Obligatory Remedial Training 1.

The following are example templates for Obligatory Remedial Training:

  • Auto-Enroll - Obligatory Remedial Training 1

  • Auto-Enroll - Obligatory Remedial Training 2
  • Auto-Enroll - Obligatory Remedial Training 3
  • Auto-Enroll - Obligatory Remedial Training 4
  • Auto-Enroll - Obligatory Remedial Training 5
  • Auto-Enroll - Obligatory Remedial Training 6

How to...

  1. In the left navigation pane, select Phishing Simulation > View All Campaigns.
  2. Click the Set Up Auto-Enrollment button in the banner or on the Phishing Dashboard.
  3. The Setup Auto-Enrollment for High-Risk Targets dialog box is displayed.

    Auto-enrollment applies to all current and future organizations by default. To exclude specific organizations:
    1. In the Enrollment section, turn on Exclude Specific Organizations.
    2. Click the Organizations drop-down list.
    3. Select the check boxes for each organization you want to exclude.
    4. Click the Organizations drop-down list to close it.

NOTE  If no organizations are selected, Exclude Specific Organizations will be turned off and all organizations will be included in Auto-Enrollment when the setup configuration is saved.

IMPORTANT  A maximum of 100 organizations can be excluded. At least one organization must remain included to activate Auto-Enrollment. If you attempt to exclude all organizations, an error is displayed.

  1. In the Triggers section, select the user actions that will trigger Auto-Enrollment. At least one trigger is required.
    • Link Clicked: Only targets whose last action was clicked link are included. Targets who submitted data are excluded.
    • Data Submitted: Only targets whose last action was submitted data are included.
  1. In the Training Invite Templates section, a default template has been selected for each language. You can choose a different template from the existing options or create a custom invite template under Settings > Email Templates by selecting Training as the template type.
    1. If necessary, click the Show More Languages button.
    2. For the desired language, click the drop-down list.
    3. Select a template.
    4. If desired, click the Preview button. The template will open in a new browser tab.
  2. Select the following required Settings:
    1. In the Sending Profile drop-down list, select the desired sending profile.
    2. In the Remedial Training Expiration drop-down list, select the value specifying how long targets have to complete the assigned course. If the course isn’t completed within the selected duration, it will be marked as expired.
    3. For Course Reassignment Timeframe, select the duration that defines how long before and after a remedial training campaign the system will check for previously assigned courses. Courses assigned within this timeframe won't be reassigned upon triggering Auto-Enrollment.
      For example, if you choose 3 months, a user won't be assigned the same courses from three months before the campaign starts or three months after it ends.
  3. Click Save. An Auto-Enrollment set up successfully message is displayed.

    Clicking the View Training Dashboard link will open the View All Training Campaigns page, with campaigns automatically filtered by the Remedialtype.
    On the Phishing Simulation > View All Campaigns page, Auto-Enrollment is active is indicated and the Set Up Auto-Enrollment button is now the Edit button.

Auto-Enrollment is active is listed on the Training & Awareness > View All Training Campaigns page, and the Edit button is available on this page as well.

  1. If the Email Reminders feature is not already set up, the Set up Email Reminders dialog box is displayed. Click one of the following options:
    • Set Up: The Global Email Reminder Setup modal opens. Complete the form and click Save.
    • Not Now: The modal is closed but will appear each time you edit auto-enrollment.
    • Don’t show this message again: When you select this check box and click the Not Now button, the modal is closed and won't appear again.

The Auto-Enrollment for High-Risk Targets feature can be edited, paused, or resumed at any time. Changes apply to all future remedial training campaigns, while existing campaigns created before the change are not affected.

Edit the Auto-Enrollment setup

  1. In the left navigation pane, select Phishing Simulation > View All Campaigns.
  2. Next to the Auto-Enrollment is active message, click the Edit button.
  3. The Edit Auto-Enrollment for High-Risk Targets modal is displayed. Make the desired edits and click Save.

NOTE  Clicking the Edit button on the View All Training Campaigns page redirects you to the Auto-Enrollment modal on the View All Campaigns page in the Phishing Simulation module, where you can make the desired edits.

Pause Auto-Enrollment

Pausing Auto-Enrollment stops new remedial training campaigns from being created and prevents new high-risk users from being enrolled. Existing remedial training campaigns will continue as usual and enrolled users can complete their courses. You can resume Auto-Enrollment at any time to continue enrolling new high-risk users.

  1. In the left navigation pane, select Phishing Simulation > View All Campaigns.
  2. Next to the Auto-Enrollment is active message, click the Edit button.
  3. The Edit Auto-Enrollment for High-Risk Targets modal is displayed. Turn on Pause Auto-Enrollment. A banner is displayed stating Auto-Enrollment will be paused.
  4. Click Save and confirm the changes. A banner is displayed stating Auto-Enrollment has been paused but can be resumed at any time.

    In addition, The Phishing Simulation > View All Campaigns and the Training & Awareness > View All Training Campaigns pages indicate Auto-Enrollment is paused.

IMPORTANT  Pausing Auto-Enrollment does not cancel or delete ongoing remedial training campaigns. The steps to cancel or delete a remedial training campaign are the same as for a standard campaign. For details, see the section Edit, cancel, or delete a training campaign in the article "Creating a training campaign."

NOTE  You can edit auto-enrollment selections while the feature is in a paused state. When Auto-Enrollment is resumed, changes will apply to all enrolled organizations.

Resume Auto-Enrollment

Resuming Auto-Enrollment restarts the creation of new remedial training campaigns and the enrollment of high-risk users after a phishing campaign ends. Any edits made while Auto-Enrollment was paused are applied once the feature is resumed.

  1. In the left navigation pane, select Phishing Simulation > View All Campaigns.
  2. In the banner, click Resume Auto-Enrollment.

  3. Click Save.

NOTE  You can also resume Auto-Enrollment by selecting Phishing Simulation > View All Campaigns or Training & Awareness > View All Training Campaigns clicking Edit, turning off Pause Auto-Enrollment in the modal, and then clicking Save.

 

Revision Date
Initial release. 9/25/25
Edited section "How a course is selected." Edited step 6c. 11/3/25
Added section: Auto-Enrollment email templates. 11/6/25