Managing Groups
Managing Groups
Overview
Group membership needs regular maintenance to stay accurate. This page covers how to add or remove members, keep groups up to date, and avoid common mistakes.
Edit a group's membership
- Go to Targets → All Groups
- Find the group and click View
- Check boxes to add members; uncheck to remove them
- Click Save
Changes take effect immediately — the updated group will be used in any new campaigns you launch.
When to update groups
| Trigger | Action |
|---|---|
| New hire joins the organisation | Add to relevant department group + "New Hires" group |
| Employee leaves | Remove from all groups (to avoid undeliverable campaign emails) |
| Promotion or role change | Move between groups (e.g., IC → Manager) |
| Post-campaign analysis | Create a "Previously Clicked" group from campaign results and assign targeted training |
| Reorg or restructure | Update department groups to reflect new structure |
Reviewing group accuracy
Before every campaign, check that the target group is still accurate:
- Are all members still with the company?
- Are there new joiners who should be included?
- Does the group reflect the correct department/role after any recent changes?
Stale groups produce misleading results — undeliverable emails look like "ignored" simulations and artificially lower your phish rate.
Best practices
Keep groups small and specific. Large "all staff" groups are fine for baseline campaigns, but specific groups produce more actionable results.
Create a "Previously Clicked" group. After each campaign, add users who clicked to a dedicated group. Run a targeted follow-up campaign and assign training specifically to this group. Track whether they improve.
Create a "New Hires" group. Run a baseline phishing campaign for every onboarding cohort within their first month. This establishes individual risk scores early and immediately builds awareness for the most vulnerable period.
Don't delete groups. Even if a group is no longer used for active campaigns, historical campaign data is linked to groups. Archive or rename groups that are no longer active rather than deleting them.