Creating a phishing simulation campaign with phishr.com allows you to test and train your employees on recognizing phishing attempts effectively. Follow this detailed guide to set up your campaign.
Step 1: Access the Campaigns Page
1. Log in to Phishr.com: Use your credentials to log into your account.
2. Navigate to Campaigns: On the sidebar menu located on the left side of the dashboard, click on “Campaigns.”
3. Start a New Campaign: Click on “New Campaign” to begin setting up your phishing simulation.
Step 2: Enter Basic Details
1. Campaign Name: In the “Basic Details” section, find the field labeled “Campaign Name.” Enter a descriptive name for your campaign. This name will help you easily identify the campaign in your dashboard and reports.
2. Campaign Description (Optional): If there is an option to add a description, provide a brief summary of the campaign’s purpose and objectives.
Step 3: Select User Groups
1. Access User Groups: In the “User Groups” section, you will see a list of available user groups.
2. Search for Groups: Use the search bar to find specific groups quickly.
3. Select Groups: Click the “Select” button next to the group(s) you want to include in this campaign. You can select multiple groups if needed.
Step 4: Choose a Template
1. Browse Templates: In the “Templates” section, you will find a variety of pre-designed phishing email templates. These templates mimic common phishing scenarios.
2. Search for Templates: Use the search bar to find templates that fit your specific requirements.
3. Preview Templates: Click “Preview” to see what each template looks like. This helps you choose the most appropriate one for your campaign.
4. Select Multiple Templates: You have the option to select more than one template for your campaign. Simply click “Select” next to each template you want to use.
5. Assign Templates to Users:
• When you select multiple templates, you can configure how many templates each user will receive.
• This can be done under the “Advanced Settings” section, ensuring users do not all receive the same email, which prevents them from warning each other about the simulation.
Step 5: Configure Post Click Options
1. Capture Credentials:
• If you want to simulate a scenario where users are asked to enter their credentials, check the box labeled “Attempt to capture credentials.”
• This option will display a landing page that requests a username and password after the user clicks on the phishing link.
2. Enable Interactive Training:
• Check the box labeled “Enable interactive training” if you want users to be directed to an educational page explaining why the email was a phishing attempt.
• If left unchecked, users will be taken to a “You’ve Been Phished” page, informing them of the phishing simulation.
Step 6: Enable Auto Enrollment in Training Course
1. Automatic Enrollment: If you want users to be automatically enrolled in a training course after clicking on the phishing link, check the box in the “Auto Enrol In Training Course” section.
2. Select a Course: Choose the specific training course that users will be enrolled in. This is useful for immediate reinforcement of security awareness.
Step 7: Schedule the Campaign
1. Set Launch Date and Time: In the “Scheduling” section, enter the date and time you want the campaign to start in the “Launch At” field.
2. Specify Sending Time: If you need the emails to be sent by a specific time, fill in the “Send By” field.
3. Tracking Duration: In the “Number Of Days To Track Activity For” field, specify the number of days you want to monitor user interactions after the last email is sent.
Step 8: Configure Advanced Settings
1. Override Sending Domain:
• If you need to send emails from a specific domain, check the box labeled “Override sending domain.”
• Enter the desired domain details. This feature helps to ensure the emails appear legitimate and bypass certain email filters.
2. Template Distribution:
• When multiple templates are selected, you can specify the number of different templates each user will receive.
• This setting ensures that users do not all receive the same email, reducing the likelihood that they will warn their colleagues about the phishing simulation.
Step 9: Review and Start the Campaign
1. Review Campaign Details: Go through all the details you have entered to ensure everything is set up correctly.
2. Start Campaign: Once you are satisfied with the setup, click the “Start Campaign” button at the bottom of the page.