This introduction will take you through every step involved in the creation and use of phishing email templates.
1. What is a phishing email template?
A phishing email template is the actual email that a target will receive when delivered as part of a phishing campaign. The phishing email is the actual content a user reads and as such it plays a critical role in the success of phishing simulations.
2. Dynamic Email Variables
To ensure each email has a level of uniqueness towards each employee, we provide you with the ability to configure content that will be dynamically inserted at the time of delivery. This content and the keyword inserts are as follows:
Phishing Website Link: Generates a phishing link specific to the employee, campaign, and tenant.
{{.PhishWebsite}}
Note: use phishing website links by injecting the above variable into the href attribute of an HTML 'a' (anchor) element.
QR Code Image: Generates a QR code which contains a phishing link specific to the employee, campaign, and tenant.
{{.QRCode}}
Note: use QR codes by injecting the above variable into the src attribute of an HTML 'img' (image) element.
Email Sender Display Name: Replaced with the Sender Profile Display Name
{{.SenderProfile-DisplayName}}
Target Email Address: Replaced with the Target/Employee Email Address
{{.Target-Email}}
Target First Name: Replaced with the Target/Employee First Name
{{.Target-FName}}
Target Last Name: Replaced with the Target/Employee Last Name
{{.Target-LName}}
Target Job Title: Replaced with the Target/Employee Job Title
{{.Target-JTitle}}
Target Company: Replaced with the Target/Employee Company Name
{{.Target-Company}}
Target Country: Replaced with the Target/Employee Country They Reside In (e.g. Australia)
{{.Target-Country}}
Target Language: Replaced with the Target/Employee Language Preference Display Name (e.g. English)
{{.Target-Language}}
Target Supervisor: Replaced with the Target/Employee Supervisor Email Address
{{.Target-Supervisor}}
Target Custom Attribute #1: Replaced with the Target/Employee Custom Attribute #1
{{.Target-Custom1}}
Target Custom Attribute #2: Replaced with the Target/Employee Custom Attribute #2
{{.Target-Custom2}}
Current Date & Time - Long Form (e.g. Friday, November 3, 2024 11:00 AM):
{{.DateTimeNow}}
Current Date - Short Form (e.g. Nov 03, 2024):
{{.DateNow}}
3. Email template functionality deep-dive
- Template Page Options:
- View (Magnifying Glass): Opens the Email Inbox Simulator allowing you to view the email as the user would see it. For regular Website Phishing, this will allow you to see the journey the user goes through if they click the phishing link. For conversational phishing, this will simulate the AI's initial email, a sample response, and then the AI's response to the human.
- Update: Provides the ability to view and update the back-end configuration used to create the template (e.g. description, email body, embedded images & attachments, etc.)
- Duplicate: Duplicates the template, allowing you to preserve the original while making edits to a new version.
- Delete Template: Provides the ability to delete a template.
Note: if you delete a template that is not custom-made, the original version will reappear in the library. Use this option if you want the template to return to its default setting.
- Template Setup/Update (For Standard Phish):
- Template Name: The name given to the email template.
- Template Description: A brief description of what the email template is doing.
- Email Type: Choose between Standard Phish or Conversation Phish.
- Data Required: Pre-requisite target information needed to successfully deliver this template (e.g. the email may reference the target's first name and as such, this information is needed in the target group).
- Payload Type: Determines the type of phishing attack. Your selection will determine what's available in section 12. Template Correlation.
- Phishing Website (Link to phishing website).
- Phishing Attachment (Attachment included in email).
- Information Request (Reply to style attack).
- Callback Request (Voice phishing style attack).
- Detection Difficulty: How difficult it will be for a target to spot whether the email is a phish.
- Easy: An average click rate of 0% to 19%
- Medium: An average click rate of 20% to 29%
- High: An average click rate of 30% or higher
- Service Location: Geographic location.
- Email Subject: The subject of the email.
- Email Body: The HTML email body.
- Embed Images or Attach Files: Used to upload any images or attachments which may need to be referenced within the email.
- Image: If an image is uploaded for embedding, the image will get saved to a CanIPhish controlled cloud-storage location with public read rights enabled. You can then embed this image and the location into the email body.
- Screenshot: If a screenshot is added, it will be displayed in your phishing library as the thumbnail.
- Attachments: If an attachment is uploaded, the attachment will automatically be included in the phishing email. IMPORTANT: Only specific Word, Excel and PowerPoint files are supported. To download them, head to our "Attachment Tracking" article.
- Public Links for Images Embedded & Files Attached: A list of all image links and attachments associated with this email template.
- Template Correlation: The Phishing Website & Sender Profile associated with the Email Template. When this Email Template is selected in the Campaign Interactive Wizard or Quick Setup, the correlated sender and website templates will also be selected.
- Save Template: Clicking save will save any changes made to a phishing template.
- Template Setup/Update (For Conversational Phish):
- Template Name: The name given to the email template.
- Template Description: A brief description of what the email template is doing.
- Email Type: Choose between Standard Phish or Conversation Phish.
- Data Required: Pre-requisite target information needed to successfully deliver this template (e.g. the email may reference the target's first name and as such, this information is needed in the target group).
- Payload Type: Determines the type of phishing attack. Your selection will determine what's available in section 12. Template Correlation.
- Phishing Website (Link to phishing website).
- Phishing Attachment (Attachment included in email).
- Information Request (Reply to style attack).
- Callback Request (Voice phishing style attack).
- Email Scenario: Select from a predetermined scenario. This sets the agenda for the AI in the conversational phishing attempt.
- AI Persona: Choose which department the AI is from. The AI will lean into this persona.
- AI Persona Name: Hardcodes a name to the AI persona. If left random, the AI will choose its own name from a list of common names.
- AI Tone: Determines the tone in which the AI will communicate with the recipient.
- Generate Example Email: Generates a sample email based on the settings specified in the conversation designer. It's important to note that this is not the actual email.
- Detection Difficulty: Determines how difficult this phishing email is to detect.
- Save Template: Clicking save will save any changes made to a phishing template.
4. Using your own Phishing Email
The CanIPhish platform supports the creation and modification of phishing emails. Should you create or modify a phishing email, you need to ensure it leads to a next action. This next action could be any of the following.
Note: Depending on the next action, please ensure the relevant pre-requisite is listed within the email template.
- Phishing Link: Ensure the text identifier '{{.PhishWebsite}}' is embedded within a clickable hyperlink/button. At the time of sending, this string of text is replaced with the URL of the phishing website selected within a campaign. Below is an example:
- HTML view:
- Code view:
- Phishing Attachment: Ensure you've attached the necessary payload to your email. It's recommended to use the CanIPhish provided Word, Excel or PowerPoint documents as these have been specially designed to include a tracking pixel. For information on how these can be used, including the locations of our base documents, please see our Attachment Tracking support article.
- Reply-To: A reply-to attack entices the victim to provide a response. This type of attack is often more complex in nature and the victim is eventually enticed to perform an action that will ultimately benefit the attacker.
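The placement notes in section 2 and the Phishing Link requirement above can be checked before a template is saved. The following is an added example, not CanIPhish code: a Python lint that flags variables outside the supported list and link variables that sit outside the `href`/`src` attributes the notes call for. The function name, the finding labels and the sample bodies are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser

# Variable names copied from the list in section 2 of this page.
SUPPORTED = {
    "PhishWebsite", "QRCode", "SenderProfile-DisplayName", "Target-Email",
    "Target-FName", "Target-LName", "Target-JTitle", "Target-Company",
    "Target-Country", "Target-Language", "Target-Supervisor",
    "Target-Custom1", "Target-Custom2", "DateTimeNow", "DateNow",
}
# Placement the page's notes call for: variable -> (element, attribute).
PLACEMENT = {"PhishWebsite": ("a", "href"), "QRCode": ("img", "src")}
VAR = re.compile(r"\{\{\s*\.([^\s{}]+)\s*\}\}")


class _Scan(HTMLParser):
    """Record each variable with the (element, attribute) it sits in."""
    def __init__(self):
        super().__init__()
        self.seen = []  # (name, element or None, attribute or None)

    def handle_starttag(self, tag, attrs):
        for attr, value in attrs:
            for name in VAR.findall(value or ""):
                self.seen.append((name, tag, attr))

    def handle_data(self, data):
        for name in VAR.findall(data):
            self.seen.append((name, None, None))


def lint_template(body, required=("PhishWebsite",)):
    """Return (problem, variable) findings; an empty list means it passes."""
    scan = _Scan()
    scan.feed(body)
    scan.close()
    findings = []
    for name, tag, attr in scan.seen:
        if name not in SUPPORTED:
            findings.append(("unknown", name))    # not in the section 2 list
        elif name in PLACEMENT and (tag, attr) != PLACEMENT[name]:
            findings.append(("misplaced", name))  # outside href / src
    present = {name for name, _, _ in scan.seen}
    findings += [("missing", n) for n in required if n not in present]
    return findings

# Constructed sample bodies, not taken from the page.
GOOD = '<p>Hi {{.Target-FName}},</p><a href="{{.PhishWebsite}}">Open</a>'
BAD = '<p>Hi {{.Target-FirstName}}, see {{.PhishWebsite}}</p>'
```

The default `required=("PhishWebsite",)` assumes a Phishing Website payload; pass `required=("QRCode",)` or an empty tuple for templates that rely on a different next action.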
Keen to see how a phishing email looks and feels without having to actually send yourself a test? Take a look at our interactive email phishing simulation tool.