LogoLogo
Get Demo
  • 💫NEXT-GENERATION PRODUCT
    • Introduction
    • Getting Started
      • 1. Invite System Users
      • 2. Add Target Users
        • Add Users via CSV
        • Add users via SCIM
          • SCIM Setup in Azure AD
          • SCIM Setup in Okta
          • SCIM Setup in Onelogin
          • SCIM Setup in Jumpcloud
        • Add users via LDAP
        • Add Users via API
      • 3. Email Deliverability
        • Microsoft 365
          • M365: Direct Email Creation
          • M365: Whitelisting
        • Google Workspace
          • Google: Direct Email Creation
          • Google: Whitelisting
        • Exchange 2013 and 2016
      • 4. Track Opened Emails
      • 5. Allow Phishing URLs
        • Whitelist for Office 365
        • Whitelist for Google Workspace
        • Whitelist for Exchange 2013/2016
        • Whitelist in Security Solutions
      • 6. Setup Phishing Reporter
        • Step 1. Download Phishing Reporter
        • Step 2. Deploy Phishing Reporter
          • How to Deploy Add-In in Microsoft 365
          • How to Deploy Add-In in Exchange Admin Center
          • How to Deploy Add-In in Google Workspace
          • How to Deploy Add-In in Outlook
            • Troubleshooting Phishing Reporter Add-In on Outlook Desktop
      • 7. Incident Responder Setup
        • Step 1. Integrate Threat Intel Partners
        • Step 2. Mail Configurations
          • Microsoft 365
          • Google Workspace (Gsuite)
          • Exchange (EWS)
    • Platform
      • Dashboard
        • Dashboard Widgets
        • Incident Responder Widgets
        • Threat Sharing Widgets
        • Phishing Simulator Widgets
      • Threat Intelligence
      • Email Threat Simulator
        • Start Scan
        • View Scan Report
        • Create Trusted Account on Exchange
        • Start Scan on O365 Email Account
        • Start Scan on Google Workspace Email Account
      • Threat Sharing
        • Communities
        • Incidents
      • Phishing Simulator
        • Manage Phishing Scenarios
          • Phishing Scenarios
          • Email Templates
          • Landing Pages
        • Phishing Campaign Manager
        • Phishing Campaign Reports
        • Settings
          • DNS Services and Domains
          • Exclude IP Address
      • Callback Simulator
        • Manage Callback Scenarios
          • Callback Scenarios
          • Callback Email Templates
          • Callback Templates
        • Callback Campaign Manager
        • Callback Campaign Reports
        • Settings
          • Callback Phone Numbers
      • Vishing Simulator
        • Vishing Templates
        • Vishing Campaign Manager
        • Vishing Campaign Reports
      • Smishing Simulator
        • Manage Smishing Scenarios
          • Smishing Scenarios
          • Text Message Templates
          • Landing Page Templates
        • Smishing Campaign Manager
        • Smishing Campaign Reports
        • Settings
          • Manage DNS and Domains
          • Exclude IP Addresses
      • Quishing Simulator
        • Manage Quishing Scenarios
          • Quishing Scenarios
          • Quishing Templates
          • Quishing Landing Page Templates
        • Quishing Campaign Manager
        • Quishing Campaign Reports
        • Settings
          • DNS and Domains
          • Excluding IP Address
      • Awareness Educator
        • Training Library
        • Enrollments
        • Certificates
        • Training Reports
        • Training Completion Queries
      • Incident Responder
        • Incident Responder Dashboard
        • Investigations
        • Integrations
        • Playbook
        • Mail Configurations
          • Microsoft 365
          • Exchange
          • Google Workspace
        • Cross Company Integration
      • Phishing Reporter
        • Phishing Reporter Customization
        • Phishing Reporter Deployment
          • How to Deploy the Add-in in Microsoft 365
          • Phishing Reporter Page View Failure Due to Deprecated Exchange Online Tokens
          • Microsoft Ribbon Phishing Reporter
          • How to Deploy the Add-in in Exchange Admin Center
          • How to Deploy the Add-in in Google Workspace
          • Phishing Reporter Announcement Email Template
        • Diagnostic Tool
        • Integrating Microsoft Phishing Reporting Button with Keepnet
        • Troubleshooting Phishing Reporter on Outlook Desktop
      • Reports
        • Advanced Reports
        • Executive Reports
        • Scheduled Reports
        • Gamification Report
      • Company
        • Target Users
        • Companies
          • Company Groups
        • Company Settings
          • Privacy
            • Account Privacy
            • Data Privacy
          • AI Ally Settings
          • SMTP Settings
          • Direct Email Creation
            • Direct Email Creation for Google Workspace
            • Direct Email Creation for Microsoft 365
          • Notification Templates
          • Google User Provisioning
          • REST API
          • White Labeling
          • Proxy Settings
          • SAML Settings
            • How to Configure SAML on ADFS
            • How to Configure SAML on Google Workspace
            • How to Configure SAML on Azure AD
            • How to Configure SAML on CyberArk
            • How to Configure SAML on Okta
          • SCIM Settings
            • Getting Started with SCIM
            • Azure AD SCIM Integration
            • Okta SCIM Integration
            • Onelogin SCIM Integration
            • Jumpcloud SCIM Integration
          • SIEM Integrations
            • Splunk Integration
            • Syslog Integration
          • LDAP
          • Allowed Domains
        • System Users
          • People
          • Roles
        • Audit Log
        • Job Log
      • Free Phishing Email Analysis Service
    • Miscellaneous
      • Whitelisting
        • How to Whitelist an IP Address in Office 365
        • How to Whitelist an IP Address in Exchange 2013 and 2016
        • How to Whitelist an IP Address in Google Workspace
        • How to Whitelist in Mimecast
        • Whitelisting in Other Security Solutions
        • Whitelisting the Pictures on Microsoft Outlook Apps
        • Keepnet Tools Whitelisting Guidelines
        • Understanding Email Delivery Errors
        • Tracking Email Opens in Phishing Simulations
      • User Profile
      • Multi-Factor Authentication (MFA) Settings
      • On-Premise Requirement Checker
      • Platform Requirements
        • Portal UI Requirements
        • Phishing Reporter Requirements
        • Diagnostic Tool Requirements
      • Maintenance Tool
      • Understanding the Preferred Language Setting
  • 📚RESOURCES
    • Platform Security
    • Volume & Performance
    • Customer Help Desk
    • Product Update/Maintenance
    • Research Methodology
    • Release Notes
      • 2025
      • 2024
      • 2023
      • 2022
      • 2021
      • 2020
  • ⚖️Legal Hub
    • For Customers
      • Customer Terms of Service
      • Product Specific Terms
      • Jurisdiction Specific Terms
      • Data Processing Agreement
      • Regional Data Hosting Policy
      • Product and Services Catalog
      • Acceptable Use Policy
      • Keepnet Security Program
      • Microsoft CoPilot Usage Policy
    • For Everyone
      • Website
        • Terms of Use
        • Privacy Policy
        • Cookie Policy
      • Free Phishing Email Analysis
        • Terms of Service
        • Privacy Policy
      • Transparency Report
Powered by GitBook

Copyright © Keepnet Labs LTD. All rights reserved.

On this page
  • Phishing Scenario Actions
  • How to Launch a Phishing Campaign
  • How to Edit a Phishing Campaign
  • How to Preview a Phishing Campaign
  • How to Duplicate a Phishing Campaign
  • How to Delete a Phishing Campaign
  • How to View Scenario Statistics
  • How to Add a New Phishing Scenario
  • Video Tutorial

Was this helpful?

Export as PDF
  1. NEXT-GENERATION PRODUCT
  2. Platform
  3. Phishing Simulator
  4. Manage Phishing Scenarios

Phishing Scenarios

PreviousManage Phishing ScenariosNextEmail Templates

Last updated 5 months ago

Was this helpful?

The > Phishing Scenarios > Scenarios page provides a selection of ready-to-use phishing campaigns. These standard system scenarios are available to all clients and can be launched with just a few clicks. You also have the option to customize a scenario to your needs or to create a unique phishing campaign.

The components of the Scenarios page are explained below.

Scenario name

The name of the phishing template

Category

Category is used to classify phishing scenarios by threat type.

Method

The phishing technique.

  • Data Submit: Used to detect target users who submit data on the landing page

  • Attachment: Used to detect target users who download the attachment in the phishing simulation email

  • Click-Only: Used to detect target users who click unknown links in the phishing email.

  • MFA: Used to detect target users who enter their MFA codes on the landing page

Tags

Tags can be added to the phishing scenario to enable viewing using related tag lists.

Difficulty

Created By

System: Standard phishing scenario templates provided with the product.

Custom: Phishing scenarios created or customized by system users.

Date Created

The date and time the phishing scenario was created.

Keepnet uses a tiny, 1x1 pixel image from a remote URL to track when files are opened in Microsoft Office applications like Excel, Word. This method does not work with Macbook Numbers, which does not support URL-based images in cells, preventing file tracking. For broader compatibility in phishing attacks across Microsoft, Mac, and Android devices, use HTML file attachments, which support complex elements across diverse devices and software environments.

Phishing Scenario Actions

This section explains how to initiate a phishing campaign.

How to Launch a Phishing Campaign

Once you have selected a phishing template for your campaign and identified the targets, click on the Launch '➤' button in the Actions menu on the far right of the page.

You will be presented with options to specify or modify various elements of the campaign.

Campaign Settings

Campaign Name

The name used to identify the phishing campaign and the name that will be used on the report generated at the conclusion of the campaign

Target Groups

The group(s) selected to receive the phishing campaign message

Exclude Reports

The phishing report can be removed from other reporting areas of the platform

Send this campaign to randomly selected users

The phishing campaign can be designed to be sent to random users in the target group according to a percentage or user count.

Campaign Summary

Once you designed the proposed campaign and clicked the Next button, you will be provided with a summary. The components are explained below.

Scenario Info

Basic information about the phishing campaign

Settings

Settings information of the phishing campaign

Other

Any other additional information about the campaign

Target Users

The users to whom the phishing campaign will be sent

Email that will be sent to users

Preview of the phishing email that will be sent

Landing page for users who click the phishing link

Preview of the landing page when a user clicks the phishing link used in this campaign

How to Edit a Phishing Campaign

Click on the three dots '⋮' button in the Actions option on the far right of the relevant page, and then click the Edit button.

How to Preview a Phishing Campaign

Click on the three dots '⋮' button in the Actions option on the far right of the relevant page, and then click the Preview button to view what will be sent to the targeted users.

How to Duplicate a Phishing Campaign

Click on the three dots '⋮' button in the Actions option on the far right of the relevant page, and then click the Duplicate button to recreate a previous campaign.

How to Delete a Phishing Campaign

Click on the three dots '⋮' button in the Actions option on the far right of the relevant page, and then click the Delete button to delete a phishing campaign.

How to View Scenario Statistics

This option gives you an overview of phishing templates on the platform, grouped by region (e.g., EMEA, NAM), brand (e.g., Microsoft, Google), industry (e.g., finance, IT), attack type (e.g., click-only), language, and emotional triggers (e.g., urgency, excitement). It helps you explore and select the most relevant templates for your campaigns.

To access it, go to Phishing Simulator > Scenarios and click the "Scenario Statistics" button at the top-right of the scenarios page.

How to Add a New Phishing Scenario

Phishing scenarios have two components: the phishing email template and the landing page. Follow the steps below to add a new phishing scenario:

  1. Click the +NEW button in the upper right corner of the Phishing Simulator > Phishing Scenarios page.

  2. Complete the required fields on the first page, then click Next.

    1. Scenario Name: Enter a name for your scenario.

    2. Description: Describe the template briefly for your reference.

    3. Category: Select the threat type that classifies your phishing scenario.

    4. Method: Choose the appropriate phishing strategy for your scenario.

      1. Click-Only: Redirect users to a specific landing page, and see who clicks the phishing link within the report.

      2. Data Submission: Redirect users to a page where they must enter requested credentials and see who submits this information in the report.

      3. Attachment: Redirect users to download a file attached within the simulated email, and see who opens the file within the report.

      4. MFA: Redirect users to a Multi-Factor Authentication (MFA) page where they must input a received MFA code to continue, and see who submits MFA codes in the report.

    5. Language: Select the language of your scenario.

    6. Tags: Define tags for the scenario.

    7. Make Available For: Make your scenario available to be used by the other customers under your organization. This feature is only available to admins who have Reseller permissions.

    8. On the Email Template page, select the e-mail template you want to use and then click the Next button.

    9. Select the Landing Page template you want to use and then click the Next button to move on to the Summary page.

      1. If the MFA method is selected, you'll find a sub-menu titled "MFA Settings" on the Landing Page. Here, you can customize the "Sender Phone Number" and the text for the "SMS Verification Message".

    10. The Summary page provides you with an overview of the proposed phishing campaign, including the type of campaign, the targeted users, and other important details.

Now you can click the Save button to create your scenario.

Video Tutorial

This tutorial will cover the Scenarios that are created by combining the Email Template and/or Landing Page and making the campaign ready to send to the target users.

The level of difficulty to recognize a phishing attempt (Easy, Medium, Hard). Please to see how the difficulty level is determined.

💫
Phishing Simulator
click here