That's not a knowbe4 thing, that's your company's choice.
opened/clicked/creds and so forth are various levels. Your company has decided that a mere click is a fail. also, in gmail, if you 'report phishing' (without clicking), gmail will "click" it for you as part of their back-end analysis. this will show up in the click report. this type of click is distinguishable from a user click, but it's not obvious and knowbe4 has zero docs on it.
Keep in mind, a mere click can in fact be a fail. There are still drive-by attacks that work simply by clicking.
opened/clicked/creds and so forth are various levels. Your company has decided that a mere click is a fail. also, in gmail, if you 'report phishing' (without clicking), gmail will "click" it for you as part of their back-end analysis. this will show up in the click report. this type of click is distinguishable from a user click, but it's not obvious and knowbe4 has zero docs on it.
Keep in mind, a mere click can in fact be a fail. There are still drive-by attacks that work simply by clicking.