In the "Company Management" section, under "Setup > Phishing", you can manage all settings related to the Cyber Guru Phishing service and the PhishPro Add-on.
-
The "Suspend" toggle allows you to stop the creation of new campaigns at the end of the last active campaign and prevents the start of already approved campaigns.
-
The "Phishing Report" option, if enabled, allows you to view, within the phishing statistics, the percentage of users who correctly reported suspicious emails sent by Cyber Guru.
-
"Default Landing Page": through this menu, you can select which landing page will be set as default for simulations, in case another landing page is not specified within the template.
-
Campaign Duration: the indicated duration will be applied to all default campaigns, unless specific changes are made to particular campaigns.
The duration must be indicated using the format "PNdaysD". For example, for a 15-day campaign, you should enter "P15D". The campaign duration represents the period during which all user interactions with the received templates will be recorded.
NOTE: Any interaction after the period indicated as the campaign duration (reports or clicks) will NOT be RECORDED ON THE PLATFORM.
-
Email Sending Period Duration: this value must be less than the overall campaign duration. For example, email sending can be spread over 25 days, while for the next 5 days (for a total of 30 days) user interactions with the templates will continue to be recorded.
-
Onboarding Phase Cycle: this value can be set to 1 or 3 and indicates the number of identical campaigns (with the same templates) that will be repeated to analyze the behavior of the company population.
-
Templates Proposed by Country: each template can be targeted to specific countries or used globally (cross-country). When a user list is uploaded, the COUNTRY field is specified for each user. The platform's artificial intelligence algorithm selects, when proposing a new campaign, templates suitable to cover all the countries where the company population is distributed.
With this parameter, you can establish the number of templates for each active country on the company to include in the campaign. For example, setting a number of 5 templates per country, the campaign will propose a minimum of 5 templates (if all cross-country) up to a maximum of 5 templates x Country (if all templates are specific)
If I have 2 active countries, for example, I can have a minimum of 5 cross-country templates up to a maximum of 10 (in the case of specific templates).
Minimum Templates to Include: this parameter allows you to specify the minimum number of templates that must be active in a campaign for it to be approved. For example, if you set a minimum of 9 templates, if you try to approve a campaign with a lower number (for example 6), an error message will be generated indicating that the number of templates is insufficient compared to the required number and the campaign CANNOT be approved
If the "minimum templates to include" field is populated (with a value of 7, for example) and the "templates proposed by country" field (with a value of 10, for example)
If the number of active templates on the campaign is less than 7, the campaign CANNOT be approved. If the number of active templates valid for each country is less than the value indicated in "minimum templates to include" an ALERT MESSAGE will appear informing that the specific country will NOT receive 7 templates because there is a lower number (which does not prevent the campaign approval).
NOTE: If no value is specified in this field, by default the minimum value of templates to include is 7 templates.
Percentage of Specific Templates to Assign: templates can be classified as global or specific to the company. A global template is applicable to multiple contexts, while a company template is created specifically for a single company and applicable only in that context. With this parameter, you can define the percentage of specific templates to include in the campaign. For example, setting 50%, in a campaign of 10 total templates, 5 must be selected from those specific to the company.
Gamification Phishing
Points can be awarded to the user who correctly reports a phishing email and some can be removed if they click instead.
In case of a click, it is necessary to set the number of points to subtract with the sign (-)
In case of a report, it is necessary to set the number of points to add with the sign (+)
It is suggested to add/subtract a maximum of 2 points to not overly impact the users' points.
NB. The phishing scores will be visible to the user only upon campaign completion.
Additional "Add on" Settings
Finally, it is possible to enable some additional options related to the campaign
-
Enable SMS Template: in case of smishing, it is necessary to enable this option.
-
Enable Automatic Approval for Campaigns: if this option is active, when the start date of a campaign arrives, if it has not yet been manually approved, the approval will be automatic. NOTE: The campaign start time must be set before 1 am, otherwise the campaign will start the day after the indicated date.
- Embed Images: allows you to automatically embed images in base64 within emails (instead of being linked to external sources). IMPORTANT: If the customer has Google infrastructure, the option must be DISABLED. Gmail does not natively support base64 encoded images within email messages.
- Hide Risk Evolution in Phishing Report: if this option is enabled, when downloading the campaign report, the phishing risk of each user will not be shown.
Add on Phish Pro
-
Enable QR Code Attack: QR Code attacks are included in the "Phish Pro" service. If the company has purchased this service, it is necessary to enable this option to allow the activation of attacks via QR Code.
-
Enable USB Attack: USB attacks are included in the "Phish Pro" service. If the company has purchased this service, it is necessary to enable this option to allow the activation of attacks via USB.
-
Enable Video Attack: Video attacks are included in the "Phish Pro" service. If the company has purchased this service, it is necessary to enable this option to allow the activation of attacks via video.