Phishing Simulator
1. Introduction
To get the most out of our anti-phishing platform, you need to use the following options.
You should customize your SMTP definition. If you use our SMTP service, you should create a whitelist.
Contact us at support@keepnetlabs.com and receive the SMTP IP Address of our Phishing Simulator. You will able to control your dashboard on the Platform.
To receive new notifications, add the domains keepnetlas.com and keepnetbird.com to the whitelist.
With the tour options, you can examine the pages and understand the forms and entries on the pages in detail.
2. Understanding Phishing Scenarios Page
Phishing Scenarios is the page where you start your phishing campaigns. On this page, you are going to see many ready phishing email templates and fake landing pages in Phishing Scenarios List.
The Phishing Scenarios List has the following Columns:
Column Title | Description |
Company Name: | Name of the company which has created the related phishing email template |
Template Name: | Name of the phishing email template |
The Content-Type: | The content type of the phishing email template, e.g., is it a data submitting (sharing) or an attachment downloading scenario? |
Created: | Creation date o the related phishing email template |
Categories: | Category of the phishing email template, e.g., online shopping or travel security |
Owner: | The person who has created the related phishing email template |
Language: | The language of phishing email template |
Type: | The type consists of two sections, System and Custom. |
Action: |
3. Creating Quick Phishing Campaign
It’s possible to create a phishing campaign with one click. For this, simply go to Phishing Simulator > Phishing Scenarios > Template List page, and you are going to see a lot of ready-email templates to test your users.
Once you have previewed the phishing email templates and their fake landing pages and decided which email template you are going to use, you can launch your phishing campaign by clicking on the Launch button under Action.
Now, you are going to see the Fast Launch page. You must do the followings:
Type a description of your phishing campaign in Notes
Select instant Training that will be assigned to your users once they have failed in the phishing test. If you don't want to use this function, leave it as it is.
Select your Target group; e.g., if your target group is already in the system, choose one of your groups from your group list that appeared. However, if it is a new group, select the New Group.
If you select New Group, you must type the following group details.
Name (Optional): Type your target users' Name. This is an optional feature. If you choose this, your target users will see a personal greeting addressing their names during the phishing campaign. If you do not want this, leave it as it is. However, note that if you skip this process, your users will get a generic greeting rather than a personal one.
Surname (Optional): Same as above. Type your target users' Surname. This is an optional feature. If you choose this, your target users will see a personal greeting addressing their Surnames during the phishing campaign. If you do not want this, leave it as it is. However, note that if you skip this process, your users will get a generic greeting, rather than a personal one.
Email (Must): Type your target users' Email. This is required.
You have made all changes; the system will start the related phishing campaign with default variables (such as SMTP, dead time, etc.).
4. SMTP And LDAP Settings
An SMTP (Simple Mail Transfer Protocol) server is an application that it's main purpose is to send, receive, and/or relay outgoing mail between email senders and receivers. You can define the email server that the phishing campaign will be sent. For this, visit the Company > SMTP Setting List > New SMTP page and define the SMTP settings:
Settings Title | Description |
SMTP Name | This is the name that will be listed on the SMTP list page as a reminder name. |
SMTP Type | This is the type of SMTP. When using the corporate server, it may remain default. It can bring the settings of Gmail, Outlook, etc., services predefined for convenience. |
SMTP Server Address | SMTP server’s DNS name or IP address and port number. |
Authentication | The field where the requested username and password values are defined. If your SMTP server requires authentication, you should mark the Authentication box. |
Use SSL | If email service supports or necessitates an SSL connection, you can use this option. |
Reply To | It is the email address for responses to return, except the sender email address. |
Error To | The email address errors will be delivered. |
CC | E-mail address to keep in CC in the sent e-mails. |
BCC | Blind carbon copy to tertiary recipients who receive the message. The primary and secondary recipients cannot see tertiary recipients. |
X-Mailler | The value to be selected as the sender e-mail. |
Custom Header | The Custom header option is there to add additional options to the sent e-mail header information. Sometimes, security checks are needed. |
Important Note: The sender domains can be different during simulated phishing tests. Therefore, SMTP servers must be allowed to send emails from different domains. In this case, we suggest you whitelist our IP addresses.
4.1. Testing of SMTP Settings
You can check whether the email has been sent via the defined email server or not. Simply click on the “Send Test Message” button, which is located on the email server page.
If it is successful, you will get a Success notification.
4.2. LDAP Settings
LDAP (Lightweight Directory Access Protocol) is an Internet protocol that email and other programs use to look up information from a server. With the integration of Windows Active Directory and LDAP, it is possible to import user accounts to our system. You can access LDAP Settings on the “Advanced Settings > Ldap Settings” page.
With the “New LDAP” option, you can create a new LDAP and make multiple Active Directory definitions on this page.
LDAP Settings | Description |
URL | Active Directory’s (AD) IP address or DNS address |
Username | An authorized username to make LDAP query |
Password | The password for this account |
Status | The status of the registry to be added can be changed as passive or active. It can be used when it is active. |
Filter | The options under this menu can be left as default. If AD structure customized, changes can be made in the types of queries here. |
5. Importing Target Users into the System
You can create a new email group for Phishing or Training Campaigns or edit the existing ones.
5.1. Using an Excel File
To use this feature, firstly, you must download the sample Excel file from our platform. Go to the Company > Target Users, where you will see your existing user groups. If you want to import your new users to an existing group, click on the ✉️ Mails under Action.
On the new page opened (the Group Information page), click on the Download button bottom left-hand corner to have your "Sample Excel Sheet File".
You must import your users into the "Sample Excel Sheet File". The sequence should be as following:
Email | Name | Surname | Phone | Department | Extra Field 1 | Extra Field 2
Not all of the fields are required, but we recommend that you fill in the Email, Name, Surname fields.
To prevent the syntax structure from damage, do not delete the fields you have not filled in!
Once you prepare your target group information in the Excel file, you can upload it into the system from the Choose File button on the Group Information page.
If you want to create a new user group, go to Company > Target Users and click on the New Group button in the upper right-hand corner. Once you name your group, you will be redirected to your Target Users Page, where you will see your new group's name. However, note that this group will be empty, and you have to import your users by clicking on the Mails button under Action.
5.2. Using LDAP Feature
You also have the Active Directory integration option to import your target users into the Platform. Go to the Advanced Settings > LDAP Settings, and on the upper right-hand corner, click on the New LDAP button.
On the new page opened, fill in the related fields and click on the Save button on the bottom right-hand corner.
Now, go back to Company> Target users, and click on the ✉️(Mails) button of the related group, open the Group Information page. Here, click on the Add User LDAP button and import them into the platform.
With the “Query in Db” option, you might search for a name, department, or any attribute within LDAP.
If you choose the “Import All” option, all users will be imported into the system. Or, if you choose the “Import Selected” option, only the chosen users will be imported into the system.
5.3. Manual Import
You can also add email details to your target groups manually. For this, go to Company> Target users, and click on the ✉️(Mails) button of the related group, open the Group Information page. Here, click on the Add User Manually button to go to the Email User Edit page. Fill in the related fields and click on Save to complete the process.
6. Phishing Template Management
Our platform allows users to select or create the phishing email templates to be used in phishing campaigns. As mentioned above, there are multiple phishing scenario samples in the Platform that are accessible from the Phishing Simulator > Phishing Scenarios.
Once you decided which template to use, you can carry out various operations like editing, cloning, or previewing the fake email with buttons under the Action column. See more on Understanding Phishing Scenarios.
6.1. Cloning and Customising Default Phishing Templates
You can clone pre-existing phishing email templates and fake landing web pages and customize them. Once you click on the button under Action on the Phishing Scenarios page, you will create a duplicate of the related template.
Now, on the cloned template, click on the Edit button under Action to start your customization. You can change the text, logo, signatures, phishing links, sender name, UR, etc.
By clicking on the Content, you can also open the fake landing page and customize it.
After you are done with editing, you can save it and use it to start your own phishing campaign.
Template Editing Description Table
Settings | Description |
Template Name | The name that was given to the template |
Default Document Name | Document’s Default name |
Template Files | The template file to be used |
Attachment | The attachment that will be added to the phishing email template |
From Name | The sender name |
From | The sender email address |
Phishing URL | The phishing URL which is redirected to Platform |
Subject | The email/phishing subject |
Shortcut | Field shortcuts in the email |
Content | The phishing email content |
Clone | It is used to create a new copy of the template. It is an ideal way to work on a new one without unsettling the existing templates. |
Preview Page | The existing fake page (an HTML page) is previewed. |
6.2. Previewing and Deleting Phishing Templates
It is also possible to preview your phishing templates. For this, click on the Preview button under Action. While you are previewing the phishing template, if you click on the links within the email content, you will be redirected to the fake web page that is designed for capturing data. (We had covered how to edit phishing email templates and fake landing page in 5.1).
It is also possible to delete the phishing template with the Delete button under Action.
6.3. Creating a New Phishing Template
6.3.1. Phishing Email Template
Phishing email template components are made up of email with .eml or .msg extension. In order to create a phishing template, you should have an original email that you can edit/customize once you have imported it into our system. You should save the original email as a .eml or .msg file format on your local computer.
An example of creating a template is demonstrated below.
As you can see, the email with .eml or .msg file extension can be used as a fake web page.
6.3.2. Creating a Fake Landing Page
As for creating a fake landing page, you will basically decide which web page you will copy. Then, right-click and click on “View Page Source” to download its HTML code. Make sure that you have saved it to your local computer as a .html extension.
You also have to add some codes to your.html file you have just saved to your local computer to track which users submitted information to this fake landing page during phishing tests.
Therefore, open the .html file on your local computer using a text editor, and edit it by typing to the input areas displayed below as captured=”email”, captured = “password”, and capturedbutton. See the sample below.
Now, go to Phishing Simulator > Phishing Scenarios and click on the New Template button on the right corner of the page. Then you have to fulfil the followings:
Define the Type of the phishing template, e.g., Custom or System
Type in our Template Name
Define the Language of the phishing template
Specify the Category of your template, e.g., online shopping or travel security
Upload the EML or MSG file you have saved to your local computer
Now, click on the Create button to proceed to customize your phishing template as you desire. You can edit the visuals, sender information, links, name, mailing details within the email content and assign a Phishing URL by clicking on{PHISHING_URL}the link above box.
If you click on{PHISHING_URL} the box, you will see an empty phishing URL on the email content. When you right-click on the link, you will recognize the edit the link or unlink options.
After this editing, whatever the Phishing URL is to be defined in the Campaign Manager, the fake web page will be opened on that same URL.
Shortcuts contain abbreviations such as name, surname, and target e-mails. {TONAME} shortcut automatically adds the target users’ e-mails to each sent e-mail content. It is the same with the "{TO}" parameter. Thus, whatever email, name and surname information is used in Email Groups, it will appear in the phishing email you have created.
7. Phishing Campaign Management
This field helps to manage phishing campaigns, such as creating a new phishing campaign, reporting a phishing campaign, and scheduling the phishing campaign.
7.1. Creating a New Campaign
To create a phishing campaign, go to Phishing Simulation > Campaign Manager and click on the New Campaign on the right top of the page.
Or, under the action column or the related phishing campaign, click on the edit campaign icon to edit existing campaigns.
Once you have click on the edit campaign icon or the New Campaign on the right top of the page, you will see the Campaign Edit page.
Now, you have to fill in the related fields to create a new campaign or edit the g one.
Follow the settings and descriptions below:
Settings | Description |
Campaign Name | The name of the campaign to be launched |
SMTP | Selection of the identified email server |
Email Groups | Selection of email group the campaign to be sent |
Template | Selection of the phishing scenarios to be used in the campaign |
Test Email Addresses | Type the email address for a test before launching the campaign. |
Test Subject / Subject | Header information of an email to be sent |
From | The email address the phishing email is going to be sent from. (The address to be selected must have a DNS registry.) |
From Name | The sender name |
Phishing URL | URL information where the prepared fake page will be displayed. |
Dead Time | The option of how many days the campaign will continue. |
SMTP Delay | Email sending intervals between each email |
Advanced Settings | Settings with detailed options |
Daily Report | It sends a daily report about this phishing campaign |
Finished Report | Report on the completed phishing campaign |
Use SSL | It enables SSL option for Phishing URL |
LDAP Match | It checks the password on LDAP. For this, LDAP settings must be configured. |
Use BEEF | It enables to use of BeEF (The Browser Exploitation Framework Project) in the frame tag. |
BEEF Address | Users’ BeEF URL |
Time Zone | The campaign start date for phishing |
Schedule | The campaign can be scheduled here |
7.3. Reporting the Phishing Campaign
Please visit the Report Manager to see how phishing emails are reported and interpreted.
7.4. Scheduling a Phishing Campaign
Then, click on the ADVANCED SETTINGS, and here you will see the scheduling option.
Also, you can set the sending limit of the phishing campaign. If you choose 20, for instance, the system will send emails at 20 minutes intervals.
SMTP Delay:
SMTP delay helps to send emails with time intervals. For instance, if you choose the No Delay option, the system will send phishing campaigns without interval (1 sec). However, you can set it to send emails with 10 sec or 20 - sec intervals.
Sending Limit:
With this option, you have the ability to limit email sending. For instance, by default, the Platform sends phishing campaigns to 20 users in a second. You can set it to 50 or 100 users. However, in this case, many anti-virus tools can alert and send campaigns to the spam folder.
8. FAQ
Q: Can I schedule a phishing campaign?
A: Yes, you can. Go to Campaign Manager and click on the Edit icon. Here, click on the ADVANCED SETTINGS, and you will see the Schedule option.
Q: Can I set the phishing campaign sending limit?
A: Yes, you can. Go to Campaign Manager and click on the Edit icon. You will see the sending limit and SMTP delay setting here.
Last updated
