Smishing Campaign Manager
The campaign manager assists admins in launching smishing campaigns to the end users. The settings such as Save for Later, Send Now, Schedule, Target Groups, Distribution, Scenarios or Message Settings are set up from here before launching the campaign to end users.
Smishing Campaign Manager
This section describes the basic functionalities of the campaign manager page, where you can find all the campaign reports from the Smishing > Campaign Manager menu.
The components of the campaign manager page are explained below.
Campaign Name
Name of the smishing campaign
Target Users
Number of target users to whom the phishing scenario was sent
Status
Current status of the phishing campaign (idle, running, completed, paused, error, canceled)
Scenarios
Represents how many scenarios has been selected for the campaign.
Method
The selected scenarios method types.
Created By
Name of the company that created the phishing campaign
Date Created
Date and time that the phishing campaign was created
Last Launch
Date and time that the phishing campaign was launched
Actions
Following options are available:
Preview: Click it to preview the scenarios attached to the campaign.
Edit: Click it to customize the campaign and relaunch.
Create New Instance: Click it to relaunch to target groups with original campaign settings.
Delete: Click it to delete the campaign and reports from the platform.
Campaign Instances
This section explains the details of campaign reports, where you can access them by clicking the “Instances” button on the campaign manager page.
The components of the Campaign Instances page are explained below.
Schedule
The date and time the campaign will launch
Target Users
The number of scheduled target users
Status
Current status of the campaign
(idle, running, completed, paused, cancelled, error)
Date Created
The creation date of the campaign
Actions
Following options are available:
Launch: Launch the scheduled or save for later campaign immeditelay.
View Report: Access detailed reports of a campaign You can find more information about the report details here.
Delete: Delete the campaign report.
Pause: Suspend email delivery in the active campaign.
Resume: Resume email delivery in the paused campaign.
Stop: Terminate active email deliveries in the running campaign.
How to send a Smishing Campaign
Click on + NEW on the Smishing > Campaign Manager page to create a new smishing campaign within these simple steps:
Smishing Campaign Settings
Smishing Scenarios
Target Groups
SMS Settings
Campaign Summary
Before launching a smishing campaign, you must create a target user with users who must have phone numbers on the Company > Target Users page.
Campaign Settings
Select a name for the campaign, when it will be sent, and if you want this campaign to be excluded from your reports.
The components of the Campaign Settings page are explained below.
Campaign Name
The name of the campaign
Tracking Duration
Select the time period you want to keep this campaign active
Mark As Test
Check this if you wish to exclude this campaign from your reports
Smishing Scenarios
Select one scenario to send selected target users or select multiple phishing scenarios to distribute randomly.
If multiple scenarios are selected, each user will receive a random scenario.
Scenarios
Select scenarios to be sent to selected target users.
Type
Filter scenarios according to their method type.
Language
Filter scenarios according to their language.
Difficulty
Filter scenarios according to their difficulty level.
Training
Select training and send the training via email or redirect it immediately once the user falls for a phishing campaign.
Enrollment: Users can either be redirected to the training immediately with the "Start Training Immediately" option or opt to receive the training later through an email with the "Enroll via Email Notification" option.
Click Only: The users who click the phishing link will be redirected to the training immediately, or a training email will sent later.
Data Submission: The users who submit their credentials will be redirected to the training immediately, or a training email will sent later.
MFA: The users who submit their MFA code will be redirected to the training immediately, or a training email will sent later.
Reminder: The users who don't complete the training will receive additional reminder emails.
Certificate: The users who complete the training will receive a certificate.
Target Audience
Choose one or several recipient groups to send the selected phishing scenarios to.
Group Name
The name of the target group you wish to send the campaign to
Company Name
The name of the company that created the target group
Priority
Specify the priority information of the target user. If the priority is high, the user will get the email first.
Date Created
The date the user was created
Limit Recipients
Send this campaign to randomly selected users: Choose this option to send the phishing campaign to randomly selected users within the target group. You have the option to choose a percentage of the group or a specific number of users.
When you select a specific target group, you will see the summary table of users on the right side of the target audience page.
First Name
User’s first name
Last Name
User’s surname
User’s email address
Once you have selected the target group you wish to launch the camping to, click Next.
SMS Settings
Set up the following fields correctly.
Sender Phone Number
Select the phone number from the dropdown menu that the end user will see when receiving the smishing text. When you select multiple numbers, messages will be sent from a randomly chosen number during delivery.
Frequency
If you have selected multiple scenarios, you can choose how often you would like to send the scenarios randomly to the selected groups.
Schedule
The date and time of the campaign launch:
Save for later: Check this box to send the campaign later. To send now, click on the "Now" button after opening the date and time pop-up.
Schedule for: Check this box to begin the campaign on a specific date.
Enable Region-Aware Time Zone Delivery: Send SMS simulation messages according to the target users' local time zones. If a user’s time zone is not defined, the email will be sent based on the organization's primary time zone.
Distribution
When you launch a smishing campaign to a large audience, this feature ensures that the emails are not blocked or quarantined by the recipient's email server. It achieves this by distributing the emails over a period of time rather than sending them all at once.
Send emails when the campaign starts: As the campaign begins, emails are immediately dispatched to the selected target users.
Send emails on defined days and hours: You can determine the specific days and times when emails will be delivered to the chosen target users.
Sending limit per batch: Define the quantity of emails you'd like to send to the recipients in each batch during the chosen days and times.
Send emails with delay every: Decide on the duration of the pause between sending each batch, whether it's in seconds, minutes, or hours.
The system will automatically determine and show you the duration required to send the campaign to the designated number of recipients based on your chosen settings.
Campaign Summary
All of the details of the smishing campaign are easily accessible on one page, along with a preview of the vishing call steps.
The components of the Campaign Summary page are explained below.
Campaign Name
The name of the campaign.
Method
The smishing scenario method selected.
Difficulty
The difficulty level of the smishing scenario.
Starting
The date and time that the vishing campaign will start distribution.
Duration
The time period this campaign will be active.
Sender Phone Number
The phone number that end users will see when receiving the smishing scenario.
Target Users
A preview of the target users selected.
Smishing Scenarios
A preview of the one or multiple smishing scenarios selected.
For multiple scenarios, click on the name of the scenario to preview the selected text message and landing page.
Click Start to launch the campaign.
Click Cancel to rescind all of the actions, then click Quit in the pop-up window. If you want to make additional edits, click Continue Editing.
Video Tutorial
This video tutorial covers the Campaign Manager options such as Save for Later, Send Now, Schedule, Target Groups, Distribution, Scenarios, or Message Settings to allow you to modify various elements to suit your needs.
FAQ
Why does an SMS go to the spam folder when I launch an SMS phishing campaign?
A phishing URL could cause the SMS simulation to be marked as spam.
The phone number was reported as suspicious.
Keywords that impersonate big names, like Microsoft or Outlook, etc.
Solutions:
Test your Smishing simulation campaign on various GSM providers to ensure it is not marked as spam.
If it goes to spam, first check the URL to ensure it doesn't look suspicious. For example, outlook.company.com is suspicious; use email-login.company.com instead.
Change the sender phone number to use a number never detected as suspicious by carriers.
How do you ensure that messages arrived at destination?
Yes, we provide delivery reports in real time. You can make sure the phone number has got the SMS test or failed to delivery with reason by following the Smishing Report > Sending Report > Delivery Status
Which protocols are used for the exchange of SMS?
The primary protocols used for the exchange of SMS messages include SMPP (Short Message Peer-to-Peer) and HTTP/HTTPS for API communications. SMPP is a standard protocol for exchanging SMS messages between SMS peer entities such as short message service centers, while HTTP/HTTPS protocols are used for API-based interactions, enabling secure communication over the internet.
Do you have any document testifying that all data collected is destructed after a certain amount of time?
Keepnet adheres to strict data privacy and security protocols, ensuring that all collected data is managed responsibly. According to our data retention policy, all data collected through our services, including the SMS phishing simulator, is securely destroyed after a predetermined period, in compliance with applicable data protection regulations. We can provide documentation detailing our data destruction procedures and timelines upon request, highlighting our commitment to maintaining the privacy and security of our users' data.
Last updated