This introduction will take you through every step involved in the creation and use of phishing sender profiles.
- What is a phishing sender profile?
- Sender profile functionality deep-dive
- An Example Sender Profile
- Using A New Sender Profile
1. What is a phishing sender profile?
A phishing sender profile is the Email From and Display Name that a phishing email appears to come from. As this is one of the first things a target sees when receiving an email, it plays a critical role in the success of phishing simulations.
It's advised to consider how a sender profile may look when coupled with an email and website template, as targets often consider all three aspects of a phishing attempt before deciding to download a malicious attachment or click a phishing link.
To support this, the CanIPhish platform also allows our users to spoof sender profiles if a vulnerability exists in the way a particular domain has been configured (e.g. you can spoof support@wikipedia.org if wikipedia.org hasn't adequately configured its DMARC record). To check if any particular domain is vulnerable, run a scan using our Domain Tools.
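The DMARC dependency described above can be checked against the record of a domain you manage. The following Python is an added example, not CanIPhish's validation logic or code from this article; the verdict names, the handling of `pct` and `sp`, and the sample records are assumptions constructed for illustration.

```python
# Added example (not CanIPhish code): grade a DMARC TXT record by enforcement.
ENFORCING = {"quarantine", "reject"}


def parse_dmarc(txt):
    """Split a DMARC TXT record into a tag -> value dict (tag names lowercased)."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def dmarc_posture(txt):
    """Return (verdict, reason); pass None when no record is published."""
    if not txt:
        return "unprotected", "no DMARC record published"
    tags = parse_dmarc(txt)
    if tags.get("v") != "DMARC1":
        return "unprotected", "record does not declare v=DMARC1"
    policy = tags.get("p", "").lower()
    if policy not in ENFORCING:
        return "unprotected", "p=%s is not an enforcing policy" % (policy or "<missing>")
    # pct defaults to 100; a lower value leaves part of the failing mail unenforced
    try:
        pct = int(tags.get("pct", "100"))
    except ValueError:
        return "partial", "pct is not a number"
    if pct < 100:
        return "partial", "policy applied to only %d%% of failing mail" % pct
    # sp overrides p for subdomains; a weaker sp leaves them exposed
    sp = tags.get("sp", policy).lower()
    if sp not in ENFORCING:
        return "partial", "subdomain policy sp=%s is not enforced" % sp
    return "enforced", "p=%s at 100%%" % policy


# Constructed sample records; the example.* domains are placeholders.
SAMPLES = {
    "example.com": "v=DMARC1; p=reject; rua=mailto:dmarc@example.com",
    "example.net": "v=DMARC1; p=none; rua=mailto:dmarc@example.net",
    "example.org": "v=DMARC1; p=quarantine; pct=25",
    "example.edu": "v=DMARC1; p=reject; sp=none",
    "example.invalid": None,
}
if __name__ == "__main__":
    for domain, record in SAMPLES.items():
        print(domain, *dmarc_posture(record))
```

Only the `enforced` verdict means receivers that honour DMARC are told to quarantine or reject all mail that fails alignment for the domain and its subdomains.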
2. Sender profile functionality deep-dive
- Sender Profile Page Options:
  - New Profile: A single-page profile creation popup. Designed for speed and efficiency.
  - Update Profile: Provides the ability to view and update the back-end configuration used to create the profile (e.g. display name, from address, from domain, spoofed domain, etc.)
  - Duplicate Profile: Provides the ability to duplicate a profile. Useful for when you want to edit a profile but keep the original intact.
  - Delete Profile: Provides the ability to delete a profile.
- Sender Profile Setup/Update:
  - Profile Name: The name given to the sender profile
  - From Display Name: The display name that the phishing email appears to come from (e.g. the display name may be 'Desktop Support')
  - Domain Selection: If you've set up your own third-party mail server or are using direct email injection, then you can choose to use your own domains as part of a phishing simulation. If you wish to utilise this functionality, select "Bring my own domain"; otherwise proceed with the default selection of "Use a CanIPhish domain".
  - Spoof Domain: A checkbox indicating whether or not you want to attempt spoofing a domain. This will alter the creation popup slightly and present an input box for the 'From Address' as well as a 'Validate' button. If validating an address returns a 'Spoofable' response, then that address can be spoofed.
  - From Address: The from address that the phishing email appears to come from (e.g. the from address may be 'support@securecloud.com')
  - Save Profile: Clicking save will save any changes made to a sender profile
3. An Example Sender Profile
The below image shows an example phishing email which incorporates the 'From Display Name' in the email preview of a target's mailbox. Accordingly, it is one of the first things a user sees and is hugely important to the success of a phishing attempt.
When a user clicks into the body of an email, they can dig into more detail, where they see the following information pulled from the 'From Display Name' and 'From Address'.
4. Using A New Sender Profile
Once you have created a new sender profile, you need to attach it to a phishing template. Follow these steps to get started:
- Navigate to Phishing Content
  - Go to Phishing Emails
- Select the Emails You Want To Attach The Sender Profile To
  - Find the email you want to configure and click 'Update'
- Attach the Sender Profile
  - At the bottom of the page, you'll find the 'Template Correlation' section. Select the dropdown menu for 'Sender Profile.'
  - Select the newly created sender profile.
- Save Your Changes
  - Ensure that your changes are saved before exiting.