Phishing Campaign Manager
A phishing campaign can be launched to target users in two ways. The Fast Launch option allows you to initiate a phishing campaign quickly and easily, without having to designate any settings. However, if you prefer customization, advanced features are available to refine the campaign using the Campaign Manager option, such as Schedule, Multiple Target Groups, SMTP Delay, Expire Date, Multiple Scenarios, and Randomize to allow you to modify a variety of elements to suit your needs.
Campaign Manager Components
The components of the Campaign Manager page are explained below.
Campaign Name
The name of the campaign
Instance information indicating the number of times the campaign has been launched is available next to the campaign name
Target Users
The target users who will receive the phishing email
Status
Status information of the campaign. (idle, running, completed, paused, canceled, error)
Idle = The campaign is launched and has not started yet
Running = The campaign is in progress
Completed = The campaign is delivered to all target users
Paused = The campaign has been temporarily suspended
Canceled = The campaign has been withdrawn
Error = The status field displays an error message if there is a delivery problem
Scenarios
Shows how many scenarios has been launched in the campaign.
Scenario Distribution
Shows how scenarios are assigned to users (e.g., same random scenario for all, different random scenarios for each, AI Ally selects scenario for each user or manual selection).
Method
Method type of the campaign
Training
List the phishing campaigns that were launched with training content.
Created By
The source of the phishing campaign (system, custom)
Email Delivery
Date Created
The date and time the campaign was created
Last Launch
The date of the most recent use of the campaign
Actions
These settings give you the ability to edit, preview, or delete campaigns, as well as create new instances. You can also resend a campaign to specific users.
Click on the three dots “︙” button under the Action heading to adjust the following features.
Preview
Preview the campaign details, including the Email Template, Landing Page, and any associated training content that was selected.
Edit
Change the settings of the relevant campaign
Create New Instance
Create a copy of the same campaign and launch it to the different target groups.
Delete
Delete the campaign
Campaign Instances
In the Campaign Name column, the Instances option will provide details of the campaign, such as how many times it has been launched and the users targeted.
The components of the Campaign Instances page are explained below.
Frequency
If you have selected multiple scenarios, it shows how often the system will send the selected scenarios randomly to the selected groups.
Start Time
The date and time the campaign is launched
Target Users
The total target users that the campaign was launched to.
Status
Current status of the campaign (idle, running, completed, paused, canceled, error)
Date Created
The creation date of the campaign
Actions
You can delete, pause, or resume a paused instance on the Campaign Instances page as well as you also have the option to view detailed reports of an instance or resend the campaign.
Launch
Resend a campaign to a selected group
View Report
Delete
Delete the campaign report
Cancel
Terminate an active campaign. The system won't send the phishing email to the users who haven't received it.
Create a Campaign
Click on "+ NEW" on the Phishing Simulator > Campaign Manager page to create a new phishing campaign to set up to launch target users in four simple steps:
Campaign Settings
Phishing Scenarios
Target Audience
Delivery Settings
Campaign Summary
Before launching a phishing campaign, you must create a target user group.
Campaign Settings
Enter basic information about this campaign. The components of the Campaign Info page are explained below.
Campaign Name
The name of the campaign
Smart Grouping
Users who failed the campaign are automatically added to the selected target group
Tracking Duration
Select the time period you want to keep this campaign active
Mark As Test
Select this box if you want to exclude the results of the campaign from the overall company score
Reply Tracking
Enter custom reply-to address to track replies. Please click here to learn more.
Phishing Scenarios
Select one scenario to send selected target users or select multiple phishing scenarios to distribute randomly.
If multiple scenarios are selected, each user will receive a random scenario.
Scenarios
Select scenarios to be sent to selected target users.
Type
Filter scenarios according to their method type.
Language
Filter scenarios according to their language.
Difficulty
Filter scenarios according to their difficulty level.
Category
Filter scenarios according to their threat type.
Scenario Distribution
Select how scenarios will be sent to users:
Select scenarios manually: The selected scenarios by the admin will be sent to target users.
Select random scenarios for each user: The platform will randomly select scenarios from the scenarios menu for each user. Use filters (Type, Language, Difficulty, and Category) to list scenarios from which the platform will pick randomly.
Select the same random scenario for all users: The platform will randomly select one scenario from the scenarios menu for all users. Use filters (Type, Language, Difficulty, and Category) to list scenarios from which the platform will pick randomly.
AI Ally selects scenario for each user: If you filter scenarios by Type, Language, Difficulty, or Category and then proceed to select target users, the AI Ally will choose a scenario from the filtered options for each user.
The selection will be based on each user's specific attributes, such as their Phone Number, Timezone, User Agent, Company Country, and Department Name to ensure the most relevant scenario is sent to each user.
As information, Personally Identifiable Information (PII) is never shared with the AI model.
Training
Select training and send the training via email or redirect it immediately once the user falls for a phishing campaign.
Enrollment: Users can either be redirected to the training immediately with the "Start Training Immediately" option or opt to receive the training later through an email with the "Enroll via Email Notification" option.
Click Only: The users who click the phishing link will be redirected to the training immediately, or a training email will sent later.
Data Submission: The users who submit their credentials will be redirected to the training immediately, or a training email will sent later.
Attachment: The users who open the attached file will receive the training via email.
MFA: The users who submit their MFA code will be redirected to the training immediately, or a training email will sent later.
Reminder: The users who don't complete the training will receive additional reminder emails.
Certificate: The users who complete the training will receive a certificate. Edit Training Redirect Page: The training redirect page is written in English by default, but it can be fully customized.
Target Audience
Select target groups for your campaign.
Target Audience
Choose one or several recipient groups to send the selected phishing scenarios to.
Limit Recipients
Send only to users with an active phishing reporter add-in: Select this option to send the campaign only to users with an active phishing reporter plug-in.
Send this campaign to randomly selected users: Choose this option to send the phishing campaign to randomly selected users within the target group. You have the option to choose a percentage of the group or a specific number of users.
Delivery Settings
Set email delivery options.
The components of the Delivery Settings page are explained below.
If multiple companies are selected and DEC is chosen for email delivery, but a customer doesn't have DEC configuration, or it fails, the system will use the default SMTP in the customer's company profile to sending simulation emails to the target users.
Email Delivery
Frequency
If you have selected multiple scenarios, you can choose how often you would like to send the scenarios randomly to the selected groups.
Schedule
The date and time of the campaign launch:
Save for later: Check this box if you want to send the campaign later. To send now, click the "Now" button after opening the date and time pop-up.
Schedule for: Check this box to begin the campaign on a specific date.
Enable Region-Aware Time Zone Delivery: Send phishing simulation emails based on the target users' time zones. Users without a defined time zone will receive the email based on the organization's main time zone.
Distribution
When you launch a phishing campaign to a large audience, this feature ensures that the emails are not blocked or quarantined by the recipient's email server. It achieves this by distributing the emails over a period of time rather than sending them all at once.
Send emails when the campaign starts: As the campaign begins, emails are immediately dispatched to the selected target users.
Send emails on defined days and hours: You can determine the specific days and times when emails will be delivered to the chosen target users.
Sending limit per batch: Define the quantity of emails you'd like to send to the recipients in each batch during the chosen days and times.
Send emails with delay every: Decide on the duration of the pause between sending each batch, whether it's in seconds, minutes, or hours.
The system will automatically determine and show you the duration required to send the campaign to the designated number of recipients based on your chosen settings.
Campaign Summary
All of the phishing campaign details are easily accessible on one page, along with a preview of the phishing scenario and the landing page.
The components of the Campaign Summary page are explained below.
Campaign Info
The name of the campaign, the difficulty level, and the phishing technique employed. (Data Submission, Click only, Attachment)
Settings
Date and time of the campaign, the number of emails to be sent, and the email delivery info
Other
Other additional enabled settings will appear here such as "mark as test" option.
Target Users
The target users who will receive the phishing email.
Click on Preview to see the target users count and target user groups.
Email that will be sent to users
The phishing email template selected for the campaign
Click Preview to see how it will be displayed in the target users’ inboxes
Landing page for users who click on the phishing link
The landing page template selected for the campaign.
Click Preview to see how it will be displayed in the target users’ browsers
Schedule
By enabling the frequency feature, you can view the date and time when the scenarios will be delivered to the selected groups.
Click Start to launch the campaign.
Click Cancel to rescind all of the actions, then click Quit in the pop-up window. If you want to make additional edits, click Continue Editing.
How to Track People Who Reply to Phishing Simulation Emails
The "Reply Tracking" feature allows system administrators to monitor and identify users who respond to phishing simulation emails. This not only helps in evaluating employee awareness but also provides valuable insights into how users engage with suspicious emails. By understanding user behavior, organizations can tailor their training efforts and mitigate potential risks more effectively.
Why Use the Reply Tracking Feature?
Identify High-Risk Users: Track which employees engage with phishing emails by replying, so you can provide targeted training to address their vulnerabilities.
Gain Behavioral Insights: Understand what employees typically write when responding to phishing emails, which can reveal potential patterns of risky behavior.
Improve Security Awareness: Use the data collected to refine your awareness campaigns and educate employees on best practices for handling suspicious emails.
How to Enable and Use the Reply Tracking Feature
Follow the steps below to enable and utilize this feature:
Navigate to Phishing Simulator > Campaign Manager, then click the + NEW button.
Fill in the required fields. For more details on setting up a campaign, refer to the beginning of the documentation.
Enable the "Reply Tracking" option.
Enter a custom email name and select one of the simulation domains provided by the platform.
To review the content of reply emails, enable the "Save reply email content for review" option. This allows you to view the content of the replies directly in the campaign report.
Click Next and select the scenario you wish to launch for your employees.
Configure the remaining settings as needed. For detailed guidance, refer to the "Create a Campaign" section in the documentation.
Once your campaign is live, any employee who replies to the simulation email will appear in the campaign report under the Replied menu. You can review the details of their replies if you have enabled the "Save reply email content for review" option.
For more information about campaign reports, refer to the full documentation here.
Video Tutorial
This tutorial covers the Campaign Manager options such as Schedule, Multiple Target Groups, SMTP Delay, Expire Date, Multiple Scenarios, and Randomize to allow you to modify various elements to suit your needs.
FAQ
Q: Is it possible to remove the phishing simulation email from target users’ inboxes once the campaign has been launched?
A: Yes. The Incident Responder investigation feature gives you the capability to delete the phishing simulation email.
Q: Can I cancel the phishing simulation after the campaign has been launched?
A: No. You can only cancel the campaign before the launch date.
Q: Can I change the date and time of the campaign after it has been scheduled?
A: Yes. You can adjust the campaign settings at any time before the launch date.
Q: Is there a way to exclude phishing campaigns from showing up in the reports section, for example, if they were launched for testing purposes?
A: Yes. On the Advanced Settings tab, the Exclude from reports feature provides this capability.
Q: If I select multiple scenarios for my campaign, how will the system distribute them among my employees?
A: When multiple scenarios are selected for a campaign, the distribution of emails will be calculated based on the number of users divided by the number of scenarios. For example, if you have 100 users and 4 scenarios, each scenario will be sent to 25 users.
Last updated