Overview
This article describes the different features of the landing page template editor. Landing pages are web pages designed to appear as a legitimate web page to test your targets on recognizing malicious web pages. When an email template is configured with a landing page completion option, hook links found in the email will direct targets to the landing page.
NOTE: Please see our Phishing Email Template Editor article for more details on email templates.
Use the links below to jump to a section:
- Landing Page Editor
- Phishing Landing Page Details & Settings
- Preview and Fullscreen Editor Buttons
- External Links
Landing Page Editor
The landing page editor allows you to edit the content of the landing page through a graphical interface editor or by code. Below details each tab available in the landing page template editor.
Body
The Body tab allows you to edit a landing page in a graphical user interface (WYSIWYG editor). Editable sections will be highlighted by a red dashed line and box when you hover them over them. Clicking this red box will create a new paragraph element.
This editor includes all the standard tools that come with the WYSIWYG editor, as well as a custom "Add a Phishing Hook Link" button () and a variables drop-down list. Below are the available variables:
- {hook_url} - The URL that directs the target to the completion option. Actions are tracked when targets request these URLs.
- {hook_link} - A hyperlink that directs you to the hook URL. The text for this link can be customized in the Miscellaneous settings of the landing page template.
- {phish_key} - The phish key associated with the target.
-
{qrcode} - Selecting this variable will generate and
<img>
tag containing a QR code. - {fname} - The value found in the target's first name field.
- {lname} - The value found in the target's last name field.
- {email} - The value found in the target's email field.
- {group_name} - The name of the group the target is included in.
- {sub_group_name} - The value found in the target's sub-group field.
- {ip_address} - The target's public IP address.
- {date} - The current date.
- {datetime} - The current date & time.
- {company} - The value found in the target's company field.
- {department} - The value found in the target's department field.
- {manager} - The value found in the target's manager field.
- {title} - The value found in the target's title field.
- {address_one} - The value found in the target's address one field.
- {address_two} - The value found in the target's address two field.
- {city} - The value found in the target's city field.
- {state} - The value found in the target's state field.
- {zip} - The value found in the target's zip field.
- {country} - The value found in the target's country field.
- {phone_business} - The value found in the target's phone business field.
- {phone_business_fax} - The value found in the target's phone business fax field.
- {phone_mobile} - The value found in the target's phone mobile field.
- {custom_target_fields} - Every custom target field will also be included as a variable.
Header
The Header tab allows you to input HTML code into the <header>
tag of the landing page template.
CSS
The CSS tab allows you to input custom CSS styling into the <style>
tag of the landing page template.
Code
The Code tab allows you to input custom HTML into the <body>
tag of the landing page template.
Phishing Landing Page Details & Settings
The Landing Page Editor sidebar contains drop-down menus that allow you to configure landing page template options.
Template Settings
- Template Name - Name of the template to be displayed throughout the portal.
- Template Description - A Brief description of the template to be displayed throughout the portal.
- Template Categories - Pre-defined categories assigned to the template for filtering purposes.
-
Landing Template Method - The type of phishing experience. This determines what fields are needed for the landing page to function properly.
- Data-Entry - Mimics a typical web form. The data entered is NEVER stored.
- Download - Enable additional fields to add files for download. Download type landing page templates mock web pages that contain links to download files.
- URL Replicate - Replicate another website as your landing page. Add a URL to replicate in the field on the Template tab to enter the URL you want to replicate. This tool works best with simple web pages.
Library Settings (Resellers Only)
Select which libraries the template should be included in.
Page Settings
These settings will only apply to the selected template locale.
- Landing Page Title - The text that will appear in the target’s browser title.
- Completion Message - A JavaScript alert message targets will receive when completing a page action.
-
Right to Left Text - Turning this on will set the text direction to right-to-left on the landing page (some languages, such as Arabic, display text in right to left format, whereas other languages, such as English, display text left to right). This option changes the CSS
direction
setting tortl
for the body tag. - Default Locale - Toggle to make the currently viewed localization the default for the template. The default localization will be used as the localization for any Targets that do not have a language set.
Completion Settings
Set up the next step in the phishing progression upon target failure.
- Form Submission Report Action - This field defines the action type that will be recorded when a target commits a failing action on the landing page. This action type will display in reports and action tables found on PhishingBox.
-
Completion Redirect Option - Select a redirect option that triggers if a target commits a fail action on the landing page.
- No Redirect - Targets will not be redirected.
- URL Redirect - Redirect the user to any URL you choose.
- Training Page - Select a training page to redirect the target to. With this option selected, the "Training Page Selection" field will become available. Use this field to select an existing training page template, create a new one, or copy an existing training page template.
-
Download File Option - If you chose a download type landing template method, the "Download File Option" and "Download Filename" inputs will be enabled.
- No File - Display Custom Message - Display the completion message.
- Download PDF with Message - Download a prebuilt PDF file and display the completion message.
- Download EXE - Download a prebuilt EXE file and display the completion message.
- Download Filename - Specify a filename for the file to be downloaded.
Miscellaneous
-
Hook URL Link Text - This is the text that will be used for the
{hook_link}
variable. - Use Bootstrap - Use Bootstrap on the landing page. This option is on by default.
- Bootstrap Version - This allows you to choose which version of Bootstrap to load on the Landing Page. This option defaults to version 3.3.7.
- JQuery Version - This allows you to choose which version of JQuery to load on the Landing Page. This option defaults to version 3.1.1.
- Body Background Color - Change the background color of the body tag.
Add Locale, Preview, and Fullscreen Editor Buttons
The bottom bar of the landing page template editor provides the following tools.
-
Current Locale drop-down - The drop-down in the bottom-left corner of the template editor lets you display a different locale for the template.
-
Delete Locale - Delete the currently selected locale (you cannot delete the default locale).
-
Create New Locale - You can add a new locale by clicking the plus icon. A pop-up will appear asking you to choose an existing locale to copy and the new locale you want to add. Once the locale has been created you will need to edit it to add your translation.
-
Create New / Update Locale with AWS Translate - This tool translates the default locale to the selected locale(s). This tool will also translate the training page configured in completion options (if one is configured).
NOTE: See our Using AWS Translate article for more details.
-
Import Localizations - Use this button to import localizations via CSV.
- Preview - Open a preview of the landing page in a new browser tab.
- Restore to Last Save - Remove any changes made since the last save.
- Fullscreen Editor - Edit the landing page in a full screen WYSIWYG editor.
External Links
If you would like to add external links (that won’t trigger the pages phishing hook) to your landing page you can add a class to your anchor tags.
<a href="your-url.com" class="ignore-submit">Click Here</a>
- ignore-submit will bypass the page’s default phishing hooks, but still record a failure. It will appear as “Clicked 3rd Party Link” in reporting.
- training-link will bypass the page’s default phishing hook and register as a training action. It will appear as “Clicked 3rd Party Training Link” in reporting.
Comments
0 comments
Please sign in to leave a comment.