Phishing Simulator
Last updated
Last updated
To get the most out of our anti-phishing platform, you need to use the following options.
You should customize your SMTP definition. If you use our SMTP service, you should create a whitelist.
Contact us at support@keepnetlabs.com and receive the SMTP IP Address of our Phishing Simulator. You will able to control your dashboard on the Platform.
To receive new notifications, add the domains keepnetlas.com and keepnetbird.com to the whitelist.
With the tour options, you can examine the pages and understand the forms and entries on the pages in detail.
Phishing Scenarios is the page where you start your phishing campaigns. On this page, you are going to see many ready phishing email templates and fake landing pages in Phishing Scenarios List.
The Phishing Scenarios List has the following Columns:
It’s possible to create a phishing campaign with one click. For this, simply go to Phishing Simulator > Phishing Scenarios > Template List page, and you are going to see a lot of ready-email templates to test your users.
Once you have previewed the phishing email templates and their fake landing pages and decided which email template you are going to use, you can launch your phishing campaign by clicking on the Launch button under Action.
Now, you are going to see the Fast Launch page. You must do the followings:
Type a description of your phishing campaign in Notes
Select instant Training that will be assigned to your users once they have failed in the phishing test. If you don't want to use this function, leave it as it is.
Select your Target group; e.g., if your target group is already in the system, choose one of your groups from your group list that appeared. However, if it is a new group, select the New Group.
If you select New Group, you must type the following group details.
Name (Optional): Type your target users' Name. This is an optional feature. If you choose this, your target users will see a personal greeting addressing their names during the phishing campaign. If you do not want this, leave it as it is. However, note that if you skip this process, your users will get a generic greeting rather than a personal one.
Surname (Optional): Same as above. Type your target users' Surname. This is an optional feature. If you choose this, your target users will see a personal greeting addressing their Surnames during the phishing campaign. If you do not want this, leave it as it is. However, note that if you skip this process, your users will get a generic greeting, rather than a personal one.
Email (Must): Type your target users' Email. This is required.
You have made all changes; the system will start the related phishing campaign with default variables (such as SMTP, dead time, etc.).
An SMTP (Simple Mail Transfer Protocol) server is an application that it's main purpose is to send, receive, and/or relay outgoing mail between email senders and receivers. You can define the email server that the phishing campaign will be sent. For this, visit the Company > SMTP Setting List > New SMTP page and define the SMTP settings:
Important Note: The sender domains can be different during simulated phishing tests. Therefore, SMTP servers must be allowed to send emails from different domains. In this case, we suggest you whitelist our IP addresses.
You can check whether the email has been sent via the defined email server or not. Simply click on the “Send Test Message” button, which is located on the email server page.
If it is successful, you will get a Success notification.
LDAP (Lightweight Directory Access Protocol) is an Internet protocol that email and other programs use to look up information from a server. With the integration of Windows Active Directory and LDAP, it is possible to import user accounts to our system. You can access LDAP Settings on the “Advanced Settings > Ldap Settings” page.
With the “New LDAP” option, you can create a new LDAP and make multiple Active Directory definitions on this page.
You can create a new email group for Phishing or Training Campaigns or edit the existing ones.
On the new page opened (the Group Information page), click on the Download button bottom left-hand corner to have your "Sample Excel Sheet File".
You must import your users into the "Sample Excel Sheet File". The sequence should be as following:
Email | Name | Surname | Phone | Department | Extra Field 1 | Extra Field 2
Not all of the fields are required, but we recommend that you fill in the Email, Name, Surname fields.
To prevent the syntax structure from damage, do not delete the fields you have not filled in!
Once you prepare your target group information in the Excel file, you can upload it into the system from the Choose File button on the Group Information page.
If you want to create a new user group, go to Company > Target Users and click on the New Group button in the upper right-hand corner. Once you name your group, you will be redirected to your Target Users Page, where you will see your new group's name. However, note that this group will be empty, and you have to import your users by clicking on the Mails button under Action.
You also have the Active Directory integration option to import your target users into the Platform. Go to the Advanced Settings > LDAP Settings, and on the upper right-hand corner, click on the New LDAP button.
On the new page opened, fill in the related fields and click on the Save button on the bottom right-hand corner.
With the “Query in Db” option, you might search for a name, department, or any attribute within LDAP.
If you choose the “Import All” option, all users will be imported into the system. Or, if you choose the “Import Selected” option, only the chosen users will be imported into the system.
Our platform allows users to select or create the phishing email templates to be used in phishing campaigns. As mentioned above, there are multiple phishing scenario samples in the Platform that are accessible from the Phishing Simulator > Phishing Scenarios.
Once you decided which template to use, you can carry out various operations like editing, cloning, or previewing the fake email with buttons under the Action column. See more on Understanding Phishing Scenarios.
You can clone pre-existing phishing email templates and fake landing web pages and customize them. Once you click on the button under Action on the Phishing Scenarios page, you will create a duplicate of the related template.
Now, on the cloned template, click on the Edit button under Action to start your customization. You can change the text, logo, signatures, phishing links, sender name, UR, etc.
By clicking on the Content, you can also open the fake landing page and customize it.
After you are done with editing, you can save it and use it to start your own phishing campaign.
It is also possible to preview your phishing templates. For this, click on the Preview button under Action. While you are previewing the phishing template, if you click on the links within the email content, you will be redirected to the fake web page that is designed for capturing data. (We had covered how to edit phishing email templates and fake landing page in 5.1).
It is also possible to delete the phishing template with the Delete button under Action.
Phishing email template components are made up of email with .eml or .msg extension. In order to create a phishing template, you should have an original email that you can edit/customize once you have imported it into our system. You should save the original email as a .eml or .msg file format on your local computer.
An example of creating a template is demonstrated below.
As you can see, the email with .eml or .msg file extension can be used as a fake web page.
As for creating a fake landing page, you will basically decide which web page you will copy. Then, right-click and click on “View Page Source” to download its HTML code. Make sure that you have saved it to your local computer as a .html extension.
You also have to add some codes to your.html file you have just saved to your local computer to track which users submitted information to this fake landing page during phishing tests.
Therefore, open the .html file on your local computer using a text editor, and edit it by typing to the input areas displayed below as captured=”email”, captured = “password”, and capturedbutton. See the sample below.
Now, go to Phishing Simulator > Phishing Scenarios and click on the New Template button on the right corner of the page. Then you have to fulfil the followings:
Define the Type of the phishing template, e.g., Custom or System
Type in our Template Name
Define the Language of the phishing template
Specify the Category of your template, e.g., online shopping or travel security
Upload the EML or MSG file you have saved to your local computer
Now, click on the Create button to proceed to customize your phishing template as you desire. You can edit the visuals, sender information, links, name, mailing details within the email content and assign a Phishing URL by clicking on{PHISHING_URL}the link above box.
If you click on{PHISHING_URL} the box, you will see an empty phishing URL on the email content. When you right-click on the link, you will recognize the edit the link or unlink options.
After this editing, whatever the Phishing URL is to be defined in the Campaign Manager, the fake web page will be opened on that same URL.
Shortcuts contain abbreviations such as name, surname, and target e-mails. {TONAME} shortcut automatically adds the target users’ e-mails to each sent e-mail content. It is the same with the "{TO}" parameter. Thus, whatever email, name and surname information is used in Email Groups, it will appear in the phishing email you have created.
This field helps to manage phishing campaigns, such as creating a new phishing campaign, reporting a phishing campaign, and scheduling the phishing campaign.
To create a phishing campaign, go to Phishing Simulation > Campaign Manager and click on the New Campaign on the right top of the page.
Or, under the action column or the related phishing campaign, click on the edit campaign icon to edit existing campaigns.
Once you have click on the edit campaign icon or the New Campaign on the right top of the page, you will see the Campaign Edit page.
Now, you have to fill in the related fields to create a new campaign or edit the g one.
Follow the settings and descriptions below:
Please visit the Report Manager to see how phishing emails are reported and interpreted.
Then, click on the ADVANCED SETTINGS, and here you will see the scheduling option.
Also, you can set the sending limit of the phishing campaign. If you choose 20, for instance, the system will send emails at 20 minutes intervals.
SMTP Delay:
SMTP delay helps to send emails with time intervals. For instance, if you choose the No Delay option, the system will send phishing campaigns without interval (1 sec). However, you can set it to send emails with 10 sec or 20 - sec intervals.
Sending Limit:
With this option, you have the ability to limit email sending. For instance, by default, the Platform sends phishing campaigns to 20 users in a second. You can set it to 50 or 100 users. However, in this case, many anti-virus tools can alert and send campaigns to the spam folder.
A: Yes, you can. Go to Campaign Manager and click on the Edit icon. Here, click on the ADVANCED SETTINGS, and you will see the Schedule option.
A: Yes, you can. Go to Campaign Manager and click on the Edit icon. You will see the sending limit and SMTP delay setting here.
To use this feature, firstly, you must download the sample Excel file from our platform. Go to the Company > Target Users, where you will see your existing user groups. If you want to import your new users to an existing group, click on the Mails under Action.
Now, go back to Company> Target users, and click on the (Mails) button of the related group, open the Group Information page. Here, click on the Add User LDAP button and import them into the platform.
You can also add email details to your target groups manually. For this, go to Company> Target users, and click on the (Mails) button of the related group, open the Group Information page. Here, click on the Add User Manually button to go to the Email User Edit page. Fill in the related fields and click on Save to complete the process.
Before sending a created campaign to the users in your Email Groups, do not forget to test it at first. Therefore, use the Test icon under the Action and test your campaign.
Then you can launch your campaign with the Start icon.
You can see all the details of your phishing campaign using the Detail icon under the Action. Click on it, and you will be redirected to the Report Manager page to see the phishing campaign details.
The platform also enables scheduling the Phishing Campaigns. Go to Campaign Manager and click on the Edit icon .
Settings Title
Description
SMTP Name
This is the name that will be listed on the SMTP list page as a reminder name.
SMTP Type
This is the type of SMTP. When using the corporate server, it may remain default. It can bring the settings of Gmail, Outlook, etc., services predefined for convenience.
SMTP Server Address
SMTP server’s DNS name or IP address and port number.
Authentication
The field where the requested username and password values are defined. If your SMTP server requires authentication, you should mark the Authentication box.
Use SSL
If email service supports or necessitates an SSL connection, you can use this option.
Reply To
It is the email address for responses to return, except the sender email address.
Error To
The email address errors will be delivered.
CC
E-mail address to keep in CC in the sent e-mails.
BCC
Blind carbon copy to tertiary recipients who receive the message. The primary and secondary recipients cannot see tertiary recipients.
X-Mailler
The value to be selected as the sender e-mail.
Custom Header
The Custom header option is there to add additional options to the sent e-mail header information. Sometimes, security checks are needed.
LDAP Settings
Description
URL
Active Directory’s (AD) IP address or DNS address
Username
An authorized username to make LDAP query
Password
The password for this account
Status
The status of the registry to be added can be changed as passive or active. It can be used when it is active.
Filter
The options under this menu can be left as default. If AD structure customized, changes can be made in the types of queries here.
Settings
Description
Template Name
The name that was given to the template
Default Document Name
Document’s Default name
Template Files
The template file to be used
Attachment
The attachment that will be added to the phishing email template
From Name
The sender name
From
The sender email address
Phishing URL
The phishing URL which is redirected to Platform
Subject
The email/phishing subject
Shortcut
Field shortcuts in the email
Content
The phishing email content
Clone
It is used to create a new copy of the template. It is an ideal way to work on a new one without unsettling the existing templates.
Preview Page
The existing fake page (an HTML page) is previewed.
Settings
Description
Campaign Name
The name of the campaign to be launched
SMTP
Selection of the identified email server
Email Groups
Selection of email group the campaign to be sent
Template
Selection of the phishing scenarios to be used in the campaign
Test Email Addresses
Type the email address for a test before launching the campaign.
Test Subject / Subject
Header information of an email to be sent
From
The email address the phishing email is going to be sent from. (The address to be selected must have a DNS registry.)
From Name
The sender name
Phishing URL
URL information where the prepared fake page will be displayed.
Dead Time
The option of how many days the campaign will continue.
SMTP Delay
Email sending intervals between each email
Advanced Settings
Settings with detailed options
Daily Report
It sends a daily report about this phishing campaign
Finished Report
Report on the completed phishing campaign
Use SSL
It enables SSL option for Phishing URL
LDAP Match
It checks the password on LDAP. For this, LDAP settings must be configured.
Use BEEF
It enables to use of BeEF (The Browser Exploitation Framework Project) in the frame tag.
BEEF Address
Users’ BeEF URL
Time Zone
The campaign start date for phishing
Schedule
The campaign can be scheduled here
Column Title
Description
Company Name:
Name of the company which has created the related phishing email template
Template Name:
Name of the phishing email template
The Content-Type:
The content type of the phishing email template, e.g., is it a data submitting (sharing) or an attachment downloading scenario?
Created:
Creation date o the related phishing email template
Categories:
Category of the phishing email template, e.g., online shopping or travel security
Owner:
The person who has created the related phishing email template
Language:
The language of phishing email template
Type:
The type consists of two sections, System and Custom.
Action:
System: If the type is System, then it means the related phishing email template is a default template.
Custom: If the type is Custom, then it means the related phishing email template is created by the Client.
Action column provides the following features: Edit Campaign: You can customize the related phishing email template.
Clone Template: You can duplicate the related phishing email template for your own usage.
Preview template: You can preview the related phishing email template to see how it looks like.
Move to Trash: You can delete the related phishing email template
Launch: You can use the related phishing email template to start your phishing email campaign
