Articles in this section

Landing Page Template Editor

Updated

Overview

This article describes the different features of the landing page template editor. Landing pages are web pages designed to appear as legitimate web pages that test your targets on recognizing malicious web pages. When an email template is configured with a landing page completion option, hook links found in the email will direct targets to the landing page.

NOTE: Please see our Phishing Email Template Editor article for more details on email templates.

Use the links below to jump to a section:

  1. Landing Page Editor
  2. Phishing Landing Page Details & Settings
  3. Preview and Fullscreen Editor Buttons
  4. External Links

Landing Page Editor 

The landing page editor allows you to edit the content of the landing page through a graphical interface editor or by code. Below details each tab available in the landing page template editor. 

Body

The Body tab allows you to edit a landing page in a graphical user interface (WYSIWYG editor). Editable sections will be highlighted by a red dashed line and box when you hover over them. Clicking this red box will create a new paragraph element. 

This editor includes all the standard tools that come with the WYSIWYG editor, as well as a custom "Add a Phishing Hook Link" button () and a variables drop-down list. Below are the available variables:

  • {hook_url} - The URL that directs the target to the completion option. Actions are tracked when targets request these URLs. 
  • {hook_link} - A hyperlink that directs you to the hook URL. The text for this link can be customized in the Miscellaneous settings of the landing page template. 
  • {phish_key} - The phish key associated with the target. 
  • {qrcode} - Selecting this variable will generate and <img> tag containing a QR code.
  • {fname} - The value found in the target's first name field. 
  • {lname} - The value found in the target's last name field. 
  • {email} - The value found in the target's email field. 
  • {group_name} - The name of the group the target is included in. 
  • {sub_group_name} - The value found in the target's sub-group field. 
  • {ip_address} - The target's public IP address. 
  • {date} - The current date. 
  • {datetime} - The current date & time. 
  • {company} - The value found in the target's company field. 
  • {department} - The value found in the target's department field. 
  • {manager} - The value found in the target's manager field. 
  • {title} - The value found in the target's title field. 
  • {address_one} - The value found in the target's address one field. 
  • {address_two} - The value found in the target's address two field. 
  • {city} - The value found in the target's city field. 
  • {state} - The value found in the target's state field. 
  • {zip} - The value found in the target's zip field. 
  • {country} - The value found in the target's country field. 
  • {phone_business} - The value found in the target's phone business field. 
  • {phone_business_fax} - The value found in the target's phone business fax field. 
  • {phone_mobile} - The value found in the target's phone mobile field. 
  • {custom_target_fields} - Every custom target field will also be included as a variable. 

Header

The Header tab allows you to input HTML code into the <header> tag of the landing page template.

CSS

The CSS tab allows you to input custom CSS styling into the <style> tag of the landing page template.

Code

The Code tab allows you to input custom HTML into the <body> tag of the landing page template. 

Back to top

 

Phishing Landing Page Details & Settings

The Landing Page Editor sidebar contains drop-down menus that allow you to configure landing page template options.

Template Settings 

  • Template Name - Name of the template to be displayed throughout the portal.
  • Template Description - A Brief description of the template to be displayed throughout the portal.
  • Template Categories - Pre-defined categories assigned to the template for filtering purposes.
  • Landing Template Method - The type of phishing experience. This determines what fields are needed for the landing page to function properly.
    • Data-Entry - Mimics a typical web form. The data entered is NEVER stored.
    • URL Replicate - Replicate another website as your landing page. Add a URL to replicate in the field on the Template tab to enter the URL you want to replicate. This tool works best with simple web pages. 

Library Settings (Resellers Only)

Select which libraries the template should be included in. 

Page Settings 

These settings will only apply to the selected template locale. 

  • Landing Page Title - The text that will appear in the target’s browser title.
  • Completion Message - A JavaScript alert message that targets receive when completing a page action.
  • Right-to-Left Text - Turning this on will set the text direction to right-to-left on the landing page (some languages, such as Arabic, display text in right-to-left format, whereas other languages, such as English, display text left to right). This option changes the CSS direction setting to rtl for the body tag.
  • Default Locale - Toggle to make the currently viewed localization the default for the template. The default localization will be used as the localization for any Targets that do not have a language set.

Completion Settings 

Set up the next step in the phishing progression upon target failure.

  • Form Submission Report Action - This field defines the action type that will be recorded when a target commits a failing action on the landing page. This action type will display in reports and action tables found on PhishingBox. 
  • Completion Redirect Option - Select a redirect option that triggers if a target commits a fail action on the landing page.
    • No Redirect - Targets will not be redirected.
    • URL Redirect - Redirect the user to any URL you choose.
    • Training Page - Select a training page to redirect the target to. If a default is assigned in the Phishing Settings, this option can be used, otherwise the global default training page will be used. With this option selected, the "Training Page Selection" field will become available. Use this field to select an existing training page template, create a new one, or copy an existing training page template. 
  • Download File Option - If you chose a download type landing template method, the "Download File Option" and "Download Filename" inputs will be enabled.
    • No File - Display Custom Message - Display the completion message.
    • Download PDF with Message - Download a prebuilt PDF file and display the completion message.
    • Download EXE  - Download a prebuilt EXE file and display the completion message.
  • Download Filename - Specify a filename for the file to be downloaded.

Miscellaneous

  • Hook URL Link Text - This is the text that will be used for the {hook_link} variable. 
  • Use Bootstrap - Use Bootstrap on the landing page. This option is on by default.
  • Bootstrap Version - This allows you to choose which version of Bootstrap to load on the Landing Page. This option defaults to version 3.3.7.
  • JQuery Version - This allows you to choose which version of jQuery to load on the Landing Page. This option defaults to version 3.1.1.
  • Body Background Color - Change the background color of the body tag.

Back to top

Editor Utility Toolbar

The buttons at the bottom of the Template Editor provide several functionalities: you can restore the template to its original state when the page was first loaded, modify or create locales, and access the WYSIWYG and/or HTML editor.

  • Current Locale drop-down - The drop-down in the bottom-left corner of the template editor lets you display a different locale for the template. 
  • Delete Locale - Click the 'Delete' button to remove the currently selected locale. Please note that the default locale cannot be deleted.
  • Create New Locale - Add a new locale by clicking the plus icon. A pop-up will appear asking you to choose an existing locale to copy and the new locale you want to add. Once the locale has been created, you will need to edit it to add your translation.
  • Translate - Clicking the globe icon opens the Translate pop-up. This tool translates the default localization into the selected languages, creating a new locale for each language. You may select any configured LLM for your translations. By default, this uses AWS Translate.
  • Import - Import localizations via CSV. 
  • Modify with AI -   Give instructions on what sort of template you want the AI to create. Once created or copied into your account, you can give further instructions to modify elements of the template without starting new. 
  • Report Issue - Submit a ticket to support for issues with a template
  • Preview - Load/render the page on the selected template domain.
  • Restore - Remove any changes made since the last save.
  • Fullscreen Editor - This option expands the Template Editor to full screen, with one half dedicated to the code editor and the other half displaying the WYSIWYG editor.

 

External Links

If you would like to add external links (that won’t trigger the page's phishing hook) to your landing page, you can add a class to your anchor tags.

<a href="your-url.com" class="ignore-submit">Click Here</a>

  • ignore-submit will bypass the page’s default phishing hooks, but still record a failure. It will appear as “Clicked 3rd Party Link” in reporting.
  • training-link will bypass the page’s default phishing hook and register as a training action. It will appear as “Clicked 3rd Party Training Link” in reporting.

Back to top

Was this article helpful?
0 out of 0 found this helpful