Overview
The Phishing Settings page allows you to customize settings related to your phishing campaigns.
- IP Filters tab - Automatically exclude actions originating from specified IP addresses, IP ranges, or CIDRs from being recorded in campaign actions.
- Verified IPs tab - Automatically verify actions originating from specific IP addresses, IP ranges, or CIDRs within your campaigns.
- Templates tab - Configure default settings for phishing templates.
- User Agent Filters tab - Exclude actions from specified user agents to refine the accuracy of your campaign data.
To get started, navigate to Administration > Settings > Phishing Settings.
Use the links below to jump to a section:
General
- Bot Bait - Insert a hidden URL in a Phishing Email. Since it is invisible to anyone opening the email, anything that follows that link is a Bot/Crawler. You can turn it off here if it is causing deliverability issues.
- Auto IP Filter Creation - Automatically create an IP Filter for an IP/User Agent combination when a bot/crawler is detected.
- Time to Phish Filter - Filter out any action that occurs between the time of sending and the Time to Phish Time defined in the settings.
- Time to Phish Time - The length of time, in seconds, to use for the Time to Phish Filter. It is recommended to leave the default time in place unless you are absolutely sure you need to filter out all actions within a larger amount of time.
IP Filters
Automatically exclude actions originating from specified IP addresses, IP ranges, or CIDRs from being recorded in campaign actions.
- CIDR - The block notation for the specific IP address that is being excluded.
- IP Ranges - The range of IP addresses being excluded. If the entry is for only one IP address, then the range will list just a single IP.
- Service/Notes - Information about the service associated with the excluded IP/range/CIDR is listed. This is set at creation.
- Actions - The number of actions in your account that are coming from the IPs in the entry.
- Type - "Account" if the IP/range is being excluded on your account only; "Community" if the IP/range/CIDR is being excluded system-wide.
- Status - Green if the entry is enabled, red if the entry is deactivated ("enabled" means PhishingBox is excluding actions originating from the IP/range; "deactivated" means filter is not being used).
- Actions - Deactivate/restore the entry by clicking the button under Actions.
To add an IP address to your account's IP Filters list, click the 'Create' button. You'll be prompted to select the type of filter you want to create, whether it's for a single IP, an IP range, or a CIDR block. In the IP(s) entry box, input the IP addresses, ranges, or CIDRs as a comma-separated list. Optionally, you can add a description in the Service/Notes section to help identify the filter.
Verified IPs
Automatically verify actions originating from specific IP addresses, IP ranges, or CIDRs within your campaigns.
- CIDR - this is the block notation for the specific IP address that is being excluded.
- IP Ranges - this is the range of IP addresses being excluded. If the entry is for only one IP address, then the range will list just a single IP.
- Service/Notes - this is where information about the service associated with the excluded IP/range is listed.
- Actions - this is the number of actions in your account that are coming from the IPs in the entry.
- Status - Green if the entry is enabled, red if the entry is disabled ("enabled" means PhishingBox is automatically verifying actions originating from the IP/range in test results; "deactivated" means the entry is not being used).
- Actions - Deactivate/restore the entry by clicking the button under Actions.
To add an IP address to your account's Verified list, click the 'Create' button. You'll be prompted to specify the type of filter you're creating, whether it's for a single IP, an IP range, or a CIDR block. In the IP(s) entry box, input the IP addresses, ranges, or CIDRs as a comma-separated list. Optionally, you can provide a description in the Service/Notes section to help identify the filter.
Templates
The Templates tab allows you to configure default settings for phishing templates.
- Default New Template Locale - The locale that will be used when creating new templates. Other locales can be added after creation.
- Default New Template Domain - The domain that will be used when creating new templates.
- Default Custom Email Header Name - The default custom email header that will be added to all new phishing email templates. This can be used to help your mail server identify test emails and get them passed security settings (e.g., if you enter EXAMPLENAME and EXAMPLEVALUE, X-EXAMPLENAME : EXAMPLEVALUE will be added to the header of all your phishing emails). This header is in addition to the X-PHISHTEST header that will be added to the emails by default. If you want to set an account level email header to take the place of the system email header X-PHISHTEST, you can do so on the Mail Settings page.
- Default Custom Email Header Value - The default custom email header value that will be added to all new phishing email templates.
-
Use Custom Phishing Disclaimer?: - Configure a custom phishing disclaimer in your phishing emails instead of the default (i.e., text that will replace the
{phishing_disclaimer}
tag). -
Default Phishing Disclaimer - The default phishing disclaimer that can be included in phishing emails using the
{phishing_disclaimer}
variable. - Default Enforce Template Default Language - Turn on if you wish the Enforce Template Default Language toggle in the Campaign Wizard to default to 'Yes'.
-
Branding Color tags - The Branding Color tags will automatically be replaced in the Template Editor, so you can preview them on the templates. Any CSS color tags using colors that match these settings will likewise be replaced with the tags when saving templates.
-
Branding Primary Color - This field is available in all email templates by using the
{branding_primary}
dynamic tag variable. -
Branding Secondary Color - This field is available in all email templates by using the
{branding_secondary}
dynamic tag variable. -
Branding Tertiary Color - This field is available in all email templates by using the
{branding_tertiary}
dynamic tag variable.
-
Branding Primary Color - This field is available in all email templates by using the
User Agent Filters
The User Agent Filters tab allows you to exclude actions coming from specified user agents.
- User Agent - The user agent that actions will not count if they come from.
- Service/Notes - Information about the user agent.
- Actions - The number of actions in your account that are coming from the user agent entry.
- Type - "Account" if the user agent actions are being excluded on your account only; "Community" if the user agent is being excluded system-wide.
- Created - Date the filter was created.
- Status - Green if the entry is enabled, red if the entry is deactivated ("enabled" means PhishingBox is excluding the user agent actions from test results; "deactivated" means the filter is not being used).
- Actions - Deactivate/Restore the entry by clicking the button under Actions.
To create a user agent filter, click the 'Create' button. A popup will appear, allowing you to enter the user agent and add any relevant notes in the Service/Notes section.
Comments
0 comments
Please sign in to leave a comment.