top of page

Who gets notified about a phish?

How to update your contact roles by tenant in the partner portal

We don’t believe in sending unnecessary emails. That’s why every time you set up a new tenant in the HacWare partner portal, you’ll have the opportunity to determine who should receive necessary notifications about training, security and potential threats.

By default, these contact roles are automatically populated with the technical admins from the tenant’s Microsoft Graph API or Google Workspace API.

How to access your designated contacts by tenant

Each tenant account includes four contact roles, the security contact, phishing reporter contact, training reminder contact and the CEO contact. These roles can be updated at any time within the Partner Portal.

Watch the video walk-through:

To update your contacts for a tenant follow the below steps:

  1. Log into the Partner Portal.

  2. Select Tenants > Management on the left side panel.

  3. Scroll down to Contact List and find the tenant whose contacts you’d like to view or update.

  4. Select the green “edit” icon to make updates.

Update or edit the contact roles listed below:

  • Security admin contact: This is typically the person who manages the phishing simulations for a particular tenant. Your team may have one person who is the security admin for all of your tenants, or you may have individual team members assigned to the specific tenants they manage. This contact will receive all weekly tenant reports and any account-related notifications.

  • Phishing Reporter contact: This person will be notified when an end user reports a suspicious email using the Phishing Reporter button. If a user reports a phishing simulation, they're congratulated, and this person isn't contacted. But if a user reports a suspicious email that is not a simulation, the Phish Reporter contact will be alerted to the potential cybersecurity threat against the tenant and will receive an attached copy of the suspicious email.

  • Training reminder contact: There are two roles available for the training reminder contact, the security email contact and the training email contact. If your team or tenant prefers not to receive these reminders, you have the ability to turn this role “on” or “off” below the contact information.

  • Security email contact: This contact is typically the person responsible for making sure that all end users complete their training. If a user fails a quiz and then doesn’t complete the post-quiz training, this contact will get a notification letting them know the training was incomplete for that user. This user also receives a weekly escalation email that lists all users they are the security email contact for with incomplete security training.

  • Training email contact: This contact receives weekly escalation notifications related to end user’s incomplete security training. If a user fails multiple quizzes, doesn’t complete multiple trainings or ignores three reminders to complete post quiz training, this contact is alerted.

Some teams prefer the training reminder contacts to be sent to one person, while other teams prefer separate contacts. We offer both options so you can choose the best fit for your team.

  • CEO contact: This role is for the CEO of the individual tenant. The CEO contact’s information will be included in the initial invitations sent to their end users through the platform and is used in training. Phishing simulations are sent to the tenant’s end users using the CEO contact information to prepare end users for real attacks like business email compromise. The contact listed here will not be contacted through the platform when simulations are sent, received or reported or with any training-related notifications.

Any of these roles can be held by the same individual on your team, or you can even have one person as the contact for all of the roles (we see you, one-person MSPs!). Our goal is to work with your team structure to ensure that only necessary contacts are receiving necessary notifications.

Questions? Use the Talk to Team feature in the Partner Portal or send us an email at


Learn more about HacWare: MSP partners can decrease the likelihood their end users will click on a phishing email by 60%. Let us educate your end users with automated, AI-driven phishing simulations and under three-minute micro-trainings to keep user attention and improve learning outcomes.

Learn more about our partner program and how we can support your MSP's growth!

bottom of page