PhishSim Email Templates

#1

Email Templates

Table of Contents

Introduction

Email templates are the messages sent to learners during PhishSim campaigns. This article will explain how to manage existing email templates. Infosec IQ includes hundreds of pre-built templates, and you can also create custom templates.

Navigate to PhishSim > Phishing Email Templates. The templates are organized into five tabs:

  • System: System Templates are templates created by InfoSec and included with the Infosec IQ platform.
  • Contributed: Contributed templates were created by Infosec IQ customers and shared with the community.
  • Shared: Shared Templates are available for Global Administrators to share any personal template they have created/modified to all sub-accounts.
  • Personal: Personal templates were created in and only available to users in your account.
  • All: This tab displays templates from all other tabs.

Templates are divided into categories under each tab. You can expand a category by clicking the + button. Once the section is expanded, it will show the first five templates in that category. Use the arrows in the top right corner to browse through additional pages:

Templates
Templates.png885×298 14.7 KB

You can also search for templates by clicking the magnifying glass at the top of the list.

search
search.png885×274 11.4 KB

Searches can also be enhanced by clicking the filter button to display templates based on category, difficulty level and open/phish rate.

filters
filters.png885×252 10 KB

Attack Types

When creating or using an Email Template, there are four options for the type of attack presented by the phishing email:

  • Drive-By: The purpose of a drive-by attack is simply to get a learner to click on a link contained in the email. The link will lead to a web page which contains follow-up training.
  • Attachment: When an attachment attack is conducted, a file attachment is included with the PhishSim email. When a learner selects “Enable Editiing” after opening the file attachment, the Infosec IQ platform is notified that the user has opened the file. You can choose from three different file types: Microsoft Word (.docm), Excel (.xlsm) and PowerPoint (.ppt).
  • Data Entry: A data entry simulation will send the learner to a web page designed to look like a legitimate website prompting for personal information such as credentials. When the Data Entry attack type is selected, an additional field called Site is displayed to select the Data Entry Template, which is the form learners are routed to after clicking the link.

Note: None of the data entered by a user is stored permanently.

  • Business Email Compromise (BEC): A BEC attack involves requesting a direct email reply and does not require a victim to click on any links; for example asking for a credit card number. You can optionally track responses and store the replies for up to 14 days. For more information please see PhishSim Reply Tracking

Return to Table of Contents

Previewing an Email Template

  1. Hover over the email template you would like to preview and click the Preview button to open a preview in a new browser tab.
  2. You can also click Send Preview Email To Me to have a preview of the email sent to you.

Return to Table of Contents

Creating/Editing an Email Template

Follow the steps below to create an email template. See PhishSim Template Editor for a detailed overview of the PhishSim Template WYSIWYG Editor.

Note: If an Email Template is created from external source code, Infosec IQ will automatically sanitize any links that may be included in the source code and redirect them back to a PhishSim landing page. This ensures that emails received by learners will not direct them to a malicious site.

  1. Click the New Template button.
  2. Alternatively, you can edit an existing template by clicking the Edit button.
  3. Name the template.
  4. Enter a From Name.
  5. Select the From Email by clicking the gear icon. There are a variety of phishy domains included in the Infosec IQ platform. You can also register custom domains under PhishSim > Phishy Domains, or you can opt to spoof an existing domain. See below for more information about domain spoofing.
  6. Enter an Email Subject.
  7. Select the Category that best fits your template.
  8. Select the type of attack your template will use. The available fields will vary depending on the chosen Attack Type.
  9. Set a difficulty level and select the Education your learners will receive after getting phished. You also have the option to choose an Education that will implement Phishing Indicators (more on this later). After selecting the Education, you can preview it by clicking the Preview Education button.

To spoof an existing domain, scroll to the bottom of the domain list and select Spoof Domain. Note that in order to effectively spoof an email domain you may need to make additional configuration changes within your email environment. Infosec will not exchange any keys or store any certificates to facilitate successful DKIM or SPF checks, and many mail systems will block spoofed domains.

Note: Reply tracking cannot be used on a PhishSim campaign if any of the selected templates uses a spoofed domain.

2022-04-13%2015_58_32-Infosec%20IQ_%20Initech%20Templates
2022-04-13 15_58_32-Infosec IQ_ Initech Templates.png691×629 22.4 KB

Return to Table of Contents

Cloning an Existing Email Template

Hover over the Email Template that you would like to clone and click the clone icon. This will bring you to the Email Template Editor. After you make your edits and save the template, it will be found under your Personal tab.

Return to Table of Contents

Contributing a Personal Template to Infosec IQ

  1. To contribute a personally-created template to Infosec IQ, go to the Personal tab and click the Contribute to Infosec IQ button. Your submission will be reviewed by the Infosec IQ team and, if approved, will be available to all Infosec IQ users under the Contributed tab.
  2. You can also withdraw a template which you have previously contributed by going to the Contributed tab and clicking the Withdraw Contributed Template icon next to your contributed template.

Return to Table of Contents

Sharing a Personal Template to Sub-Accounts

(Global Administrators Only)
  1. To contribute a personally-created template to Infosec IQ, go to the Personal tab and click the Share with all sub-accounts button.
    phishsimemail_sharewithsubaccounts
  2. Once shared, the template will be availabled in the Shared tab in all sub-accounts

Return to Table of Contents

Deleting a Personal Template

To delete a personal template, go to the Personal tab and click the Delete icon. Please note that you cannot delete System or Contributed templates, though contributed templates can be withdrawn.

Return to Table of Contents