Phishing Scenarios
Last updated
Was this helpful?
Last updated
Was this helpful?
The > Phishing Scenarios > Scenarios page provides a selection of ready-to-use phishing campaigns. These standard system scenarios are available to all clients and can be launched with just a few clicks. You also have the option to customize a scenario to your needs or to create a unique phishing campaign.
The components of the Scenarios page are explained below.
Scenario name
The name of the phishing template
Category
Category is used to classify phishing scenarios by threat type.
Method
The phishing technique.
Data Submit: Used to detect target users who submit data on the landing page
Attachment: Used to detect target users who download the attachment in the phishing simulation email
Click-Only: Used to detect target users who click unknown links in the phishing email.
MFA: Used to detect target users who enter their MFA codes on the landing page
Tags
Tags can be added to the phishing scenario to enable viewing using related tag lists.
Difficulty
Created By
System: Standard phishing scenario templates provided with the product.
Custom: Phishing scenarios created or customized by system users.
Date Created
The date and time the phishing scenario was created.
This section explains how to initiate a phishing campaign.
Once you have selected a phishing template for your campaign and identified the targets, click on the Launch '➤' button in the Actions menu on the far right of the page.
You will be presented with options to specify or modify various elements of the campaign.
Campaign Name
The name used to identify the phishing campaign and the name that will be used on the report generated at the conclusion of the campaign
Target Groups
The group(s) selected to receive the phishing campaign message
Exclude Reports
The phishing report can be removed from other reporting areas of the platform
Send this campaign to randomly selected users
The phishing campaign can be designed to be sent to random users in the target group according to a percentage or user count.
Once you designed the proposed campaign and clicked the Next button, you will be provided with a summary. The components are explained below.
Scenario Info
Basic information about the phishing campaign
Settings
Settings information of the phishing campaign
Other
Any other additional information about the campaign
Target Users
The users to whom the phishing campaign will be sent
Email that will be sent to users
Preview of the phishing email that will be sent
Landing page for users who click the phishing link
Preview of the landing page when a user clicks the phishing link used in this campaign
Click on the three dots '⋮' button in the Actions option on the far right of the relevant page, and then click the Edit button.
Click on the three dots '⋮' button in the Actions option on the far right of the relevant page, and then click the Preview button to view what will be sent to the targeted users.
Click on the three dots '⋮' button in the Actions option on the far right of the relevant page, and then click the Duplicate button to recreate a previous campaign.
Click on the three dots '⋮' button in the Actions option on the far right of the relevant page, and then click the Delete button to delete a phishing campaign.
This option gives you an overview of phishing templates on the platform, grouped by region (e.g., EMEA, NAM), brand (e.g., Microsoft, Google), industry (e.g., finance, IT), attack type (e.g., click-only), language, and emotional triggers (e.g., urgency, excitement). It helps you explore and select the most relevant templates for your campaigns.
To access it, go to Phishing Simulator > Scenarios and click the "Scenario Statistics" button at the top-right of the scenarios page.
Phishing scenarios have two components: the phishing email template and the landing page. Follow the steps below to add a new phishing scenario:
Click the +NEW button in the upper right corner of the Phishing Simulator > Phishing Scenarios page.
Complete the required fields on the first page, then click Next.
Scenario Name: Enter a name for your scenario.
Description: Describe the template briefly for your reference.
Category: Select the threat type that classifies your phishing scenario.
Method: Choose the appropriate phishing strategy for your scenario.
Click-Only: Redirect users to a specific landing page, and see who clicks the phishing link within the report.
Data Submission: Redirect users to a page where they must enter requested credentials and see who submits this information in the report.
Attachment: Redirect users to download a file attached within the simulated email, and see who opens the file within the report.
MFA: Redirect users to a Multi-Factor Authentication (MFA) page where they must input a received MFA code to continue, and see who submits MFA codes in the report.
Language: Select the language of your scenario.
Tags: Define tags for the scenario.
Make Available For: Make your scenario available to be used by the other customers under your organization. This feature is only available to admins who have Reseller permissions.
On the Email Template page, select the e-mail template you want to use and then click the Next button.
Select the Landing Page template you want to use and then click the Next button to move on to the Summary page.
If the MFA method is selected, you'll find a sub-menu titled "MFA Settings" on the Landing Page. Here, you can customize the "Sender Phone Number" and the text for the "SMS Verification Message".
The Summary page provides you with an overview of the proposed phishing campaign, including the type of campaign, the targeted users, and other important details.
Now you can click the Save button to create your scenario.
This tutorial will cover the Scenarios that are created by combining the Email Template and/or Landing Page and making the campaign ready to send to the target users.
The level of difficulty to recognize a phishing attempt (Easy, Medium, Hard). Please to see how the difficulty level is determined.