1. Knowledge Base
  2. PHISHING SIMULATION

How to Set Up a One-time Phishing Campaign?

Setting Up a Phishing Simulation Campaign is easy and fast! It’s the perfect way to test your team and identify additional training opportunities by sending them realistic fake phishing emails in an attempt to deceive them into clicking links.

1. Before you test or run the full-fledged phishing simulation our phishing IPs need to be whitelisted in Office 365  and Google Workspace.

Domains must be whitelisted if the customer is using Microsoft Defender or other third-party email validation services.

Click on Phishing on the left side menu, then choose Create Campaign

2. Select a One-Time Phishing campaign 

3. Once selected you will need to choose a template for your campaign either from our library or you can create your own custom template. Choose a template by clicking on the checkbox in the corner of the template & press next to proceed.

Each template can be Clone and Edit and the fields can be customized: Template Name (seen for Admin), Display Name (Email Name), Subject (Email Header), Username (Email Sender).

You can add any value to the username field which will also add this value as the subdomain to the landing page.

 

4. Once you are done with the template selection, you can customize the landing page mood, text, and video:

5. Going further please select the desired recipients and press next

As a side note, disabled users will not get phishing simulation emails.

The unregistered users will not get phishing simulation emails unless the admin sends us a request to change the logic for future campaigns.

6. In the Delivery Tab select the Delivery Period, Days of the Week, Time Zone & Hours, and Start Delivery.

You may check how many users will be phished per day by placing the cursor on the date circled in blue. Once you are all set hit the Preview and Start tab in the upper right corner or press on next  

 7. Please double-check the selected options before you click Start Campaign 

8. You will receive a notification Phishing Campaign Successfully Started and will be forwarded to a result page where you may track a percentage of Emails Sent, Opened, Clicked, and Phished.
You can also view the settings that you chose to run the campaign with by pressing on the gear icon (settings preview is available for archived campaigns as well).

You may go to the Report   and Archive by clicking any of those options in the top right corner 

9. Report provides you the list of the recipients and templates with the statuses accordingly.

10. Archived tab stores the data of all the ended campaigns, you may hard delete them by clicking 'Delete' in the top right corner.

Sending Domains: These are visible in the simulation email's "from" field. For example, your test email may appear from support@legal-user[.]com, where 'legal-user' is the sending domain.

Landing Page Domains: These are used in phishing links, leading users to the 'got phished' landing page upon clicking.

We recorded an amazing tutorial with an updated UI, please feel free to watch it! 

How to Create a One-time Phishing Campaign🔍

 

Any questions? Please contact our support specialists at support@wizer-training.com.

 

Frequently Asked Questions About Phishing Campaigns

1. Can I run a Phishing Campaign with my users before I start the Training? Of course! You will be able to add your users to the campaign without sending them an email invite. 

2. Why should I run a Phishing Campaign? Testing your employees this way will help you gauge your risk and response rate as well as identify training opportunities for those who may need it. 

3. Do users receive a notification when I start a Phishing Campaign?  No, Users only receive an invitation once they got a Training, Phishing Game, Policy, or Monthly Video assigned.

4. Why do we recommend setting Entire Period as a Delivery period in a Phishing campaign? To avoid spreading the news amongst colleagues they have been targeted to be phished.

Best regards,

wizer_logo_dark