Start Scan

Go to the Email Threat Simulator page from the left menu on the dashboard to see the following fields.


The components of the scans page are explained in the table below.

Date Created

The date and time the scan was created


Current status of the scan


Domain address of the email used to initiate the scan


You can delete or duplicate a scan as well as to view detailed reports of a scan.

View Report

Access detailed reports of a scan. You can find more information about the report details here


Delete the scan


Create a copy of the scan

How to Start a New Email Threat Simulator

The Email Threat Simulator has only one mandatory component: the test email address. Follow the steps below to start a new scan:

  • Click the +NEW button in the upper right corner of the Email Threat Simulator > Scans page.

  • On the Email Settings page, define the email address you want to use. If you want to perform an automated scan, you have two options: OWA (Outlook Web Access) or IMAP.

    • If you are using an Exchange or Office 365 server and your server is accessible from the web, click the OWA (Outlook Web Access) button and define your Outlook Web Access URL.

    • If you are using another email gateway like Google Workspace, Postfix, etc. turn on IMAP access to this account, specify the password, and click the Next button.

  • Check the Continuous Scan box if you want it to be included in this scan when a new attack vector is added.

  • Define the delivery interval for emails in the Distribution section and click the Next button.

  • Accept the User Agreement and click the Save button.

If you are using an OWA connection, you need to provide the username used to login your OWA interface.

If your Office 365 test account has MFA (Multi Factor Authentication) option that can not let Email Threat Simulator to log in related account, please follow Microsoft's "Manage app passwords for two-step verification" to complete this step.

Attack Vectors

A table provides a list of attack vectors that will be sent in the scan. The details include the name, type, hash, severity, status, and creation date of each attack vector.


These settings give you the ability to edit, enable/disable, or delete attack vectors.

In the first version of the Email Threat Simulator, only the support team is able to add new attack vectors or take action on existing attack vectors

.Click on the three dots “︙” button under the Action heading to adjust the following


Change the settings of the relevant attack vector


Enable or disable existing attack vectors. Disabled attack vectors will not be sent in new scans.


Delete the attack vector


Q: Can I start a duplicate continuous scan for the same domain?

A: No. You may not duplicate continuous scans for the same domain; however, you are able to start multiple scans without selecting the continuous scan option.

Q: Can I edit a scan?

A: No. You cannot edit a scan, but you can delete a previous scan and start a new scan.

Q: Why is the New button disabled (gray) on the attack vectors page?

A: You are not permitted to add new attack vectors or take action on existing attack vectors.

Last updated

Copyright © Keepnet Labs LTD. All rights reserved.