For your first phishing campaign, create a simple or "ad-hoc" phishing campaign by following these steps:
From your admin dashboard, go to Phishing Manager > Phishing Campaigns, where you can see the phishing campaigns list. Note that on a new portal, this list is empty.
Select Create a new campaign to open the Phishing Campaign Wizard. After reading information about the wizard, select Next.
-
In the next window, you can select how you want to send the emails and the template to use.
-
The Send Mode options include Normal, Batch and Burst, with Normal as the default option. To create a simple phishing campaign, use Normal, which means that one phishing email is sent to all recipients simultaneously at publication time.
Note
After you create your first simple phishing campaign, you can consider setting up campaigns in Batch and Burst mode:
Batch mode: If you choose Batch mode, then you can select one phishing email template which will be sent to recipients at different times. It will happen over a specific period, beginning at publication time. When emails are sent at different times, it reduces the "tip-off" effect between recipients.
Burst mode: In Burst mode, emails are also sent at different times over a specific period, but you can select up to ten different email templates to send to recipients.
-
To create the email template, you can make selections from the following:
-
Template Type: Select the checkbox(es) to display templates based on their type, such as Home and Personal; Business; C-Suite; Attachments.
Note
C-Suite refers to executive titles in an organization where C stands for "Chief", such as Chief Executive Officer of Chief Financial Officer. C-Suite is available once C-Suite information has been populated. This can then be used for CEO mock phishing campaigns.
Category: Email templates can be displayed according to their categories, such as Banking, Shopping, and so on.
Complexity: You can display templates based on how complex you want them to be: Low, Medium, High. Select Low when creating a simple campaign.
Creator: You can choose from templates that are pre-populated or ones you have created.
The list of templates automatically responds to the selections you make to display what is available.
-
-
For further help in locating a template, you can use both the sort and search functionality.
Select the up/down arrow in the column titles to sort the contents in ascending or descending order.
Enter a word in the Search field to filter results with that word.
Select Preview under Actions to read the email template. Once you are satisfied with the one that you want to send, select the checkbox beside the template and then select Next.
-
-
Next you can enter the campaign details, which include:
Use attachment: If you want to include an attachment in your email, select Use Attachment, and then select the download icon in the Attachment name field to attach it.
Attachment Name: Name of the attachment.
Attachment type: In the Attachment type field, select HTML, Word or Excel to identify the file type.
Phishing Form: Select the phishing form you want the user to see in the Phishing Form field.
-
Trigger: The Trigger field displays a range of actions that a user could take on a phishing form. Based on the option you select, the user receives a warning message after performing that action, as described below:
None: If you want to track a user's actions without sending them a warning message, select this option.
Enters Field: User clicks in either the User Name or Password field in the phishing form, which triggers the warning message.
Types in Field: Select this option if you want the user to get a warning message when they attempt to enter information in any of the phishing form fields.
Posts Form: User completes form and attempts to submit it, triggering the warning message.
User Feedback Message: SafeTitan provides the facility to create customized user feedback messages. These messages are presented to the recipient upon clicking on an embedded phishing email link or opening a phishing attachment. When using your portal for the first time, a SafeTitan default user feedback message is available. You can preview the user feedback message by selecting the preview button to the right of the User feedback message option.
Campaign Name: The campaign name is needed to identify and refer to the campaign in future. This is an editable field that contains a default name consisting of the template name + date/time stamp.
Campaign Description: This is an editable field that contains the name of the email template by default.
Training Recipients: Here you can add the groups or departments you wish to receive the phishing email. Remember: At startup, you are the only user on your portal and you are a member of the "Default Department". For your first campaign, simply select the "Default Department" unless you have created a new department and moved your username into that department. If you have other users in your department, it is recommended that you test your first campaign on yourself and maybe a colleague so be aware of the department or group you select here. See managing users and groups for more information.
Select Next to continue.
-
To schedule when you want the phishing campaign to run, complete the following details:
Publish start: Select the date and time you want the phishing campaign to start, which is when your emails begin sending. This date must be a minimum of one hour from your current time.
Publish end: This field is only available if you have chosen either Batch or Burst mode when setting up the template. It automatically sets the time that the delivery of emails ends. The number of emails within this time are evenly spaced out to the number of users you've targeted.
Batch Amount: This field is only available if you selected Batch mode when setting up the template. For your first phishing campaign, it is advisable to use Normal send mode.
Stage Time: This field is only available if you selected Burst mode when setting up the template. For your first phishing campaign, it is advisable to user Normal send mode.
-
Completion date: Select the date and time you want the phishing campaign completed in your system. This date must be set to a minimum of 2 weeks after your Publish start date.
Note
If you have set up Reactive Training for your phishing campaign, then be aware that a recipient has two weeks to complete the training following the campaign end date. The two-week completion date for reactive training is automatically set up when you create the campaign.
Select Next to continue.
-
Next, you can configure the following options for the phishing campaign:
Locale: From the dropdown list, select the language for the email.
Override user's default locale: When a new user is being set up, they are given a default language. If you select Yes in this field, you can override the user's locale and use the language you selected in Locale for the email. The default is No, which means that the user's default language will be used in the email.
Create Reactive Training: Select Yes, if you want to prepare a reactive training campaign. Reactive campaigns automatically enroll users in training based on phishing email activity. Examples of this include: opening email, clicking on link, opening an attachment and so on. It is recommended that you keep the default setting of No for your first campaign, and do not create reactive training.
Is Test Campaign: If you select Yes, then you can configure the campaign as a test so that the results are not recorded. This means that the company statistics are not impacted by mock phishing attempts.
Select Next to continue.
-
Your email template contains default values pertaining to the sender and subject. You can customize these values by following the steps below.
Email: Edit the name of the email sender, such as info or admin. In the @ field, you can change the domain of the email sender, for example, e-messages.com or e-owa.com.
Name: Edit the sender's name as you want it to appear in the recipients' email inbox.
Subject: Edit the subject.
Note
If you want to add more spoofing domains, you can do so by following the steps in Changing the Sender Email Address for Campaigns.
Select Next to continue.
-
Review the summary of your campaign and when you are satisfied that the information is correct, select Submit. If you notice an error, you can go back to the previous steps and make changes. The Campaign Summary page will automatically update.
Alternatively, you can select Cancel to exit without saving your changes.
You can see your unpublished campaign in the phishing campaign list in Phishing Manager, which you automatically return to after saving the campaign. Beside the Unpublished status in the Actions column, you can select View to review phishing campaign details and reports.
Following the creation of your first phishing campaign, learn how to review the phishing campaign results.