This article details the process of creating email templates for your simulated phishing test using PhishingBox. For more information on managing and creating templates, see the Templates section of our user guide.
Creating a Template
1. Navigate to Templates > Create Template from the main menu.
2. Here you can title your template, write a description, select your template type & your phishing hook.
You have two options for the template type:
- Phishing Template – Create the phishing e-mail that the targets will receive.
- Training Template – Create an end page that the target will see if test is failed.
The phishing hook is the type of phishing e-mail that you want to run which will simulate a corresponding landing page.
For this example, we are going to create a Fake Password Reset phishing template.
3. After clicking the Create button, you are now redirected to the Template Editor where you can edit the template details, the e-mail for the targets, and the landing page.
Navigate to the Template tab in the Template Editor bar.
Here you can make any changes to the name, description, or you can change the Phishing Hook.
Click on Configure Domain Name and choose a domain from our domain list that you want to appear as the sender, click Test Domain, click OK.
4. Click on the Email tab on the Template Editor to choose your e-mail layout.
For this example, we are going to use the Simple Text layout.
Now we can edit the e-mail page, add a logo, and edit the message.
On right side under Email Settings, you must configure the From Name, From Email, and Email Subject.
We highly recommend using the same domain that you used in Configured Domain Name in the last step, as the domain for the From Email.
After editing the phishing email & the Email Settings, we have something like the example below:
5. Click on the Landing Page tab in the Template Editor bar.
For this example, we are going to use the No Styling layout.
After choosing your layout, you can now edit the landing page that your target will begin to fill out.
An example is given below:
6. When you are done editing your phishing template, click Save in the top right corner. Then to test it out, click Preview & Test, input your email and press OK.
When I check my e-mail, I now have the following. This is what the target will see when they receive the e-mail:
Opening the e-mail:
After pressing “click here,” I’m redirected to this page:
When a user preforms an action on the landing page it is always considered a failure. But by default if a target opens an e-mail, it is not considered a failure. This can be optional and can be changed under the E-mail tab, and then under Tracking Email Open on the right sidebar.