Tisalabs Knowledge Base

Phishing Use Case: Email Spoofing - A Tutorial

 Predictive Phishing use case examples

 

1.2 General Case  :

This case will walk you through the complete process of launching a successful Email Spoofing campaign.

To launch the campaign access the Phishing features using the below steps:

  • Login to Predictive 
  • Go to Phishing Predictive>  Cyber Awareness> Phishing
  • Click on Phishing Interface

 

 

Login to the Phishing Interface

  1. Setup Sending Profiles.

    2. here we set up the Sender’s profile.

    The only thing to pay attention to is the password, which should be the app password and not the Gmail account login password.
    here is a link that will walk you through the app password generation:

    https://devanswers.co/create-application-specific-password-gmail/

    2.  Test the setup by clicking Send Test Email, to ensure emails are sent successfully.

    3.In case there are multiple targeted accounts, Predictive allows the upload of a CSV with user information. Just make sure to work with the right CSV format following header values:

    • First Name
    • Last Name
    • Email
    • Position

    4. Next is configuring the Email Templates for your campaign.

    For email templates, there are two options — Text or HTML.

    We chose to go with HTML because it is easy and flexible.

    Use an online HTML editor for editing real-time HTML, refer https://html-online.com/editor/ 

    The HTML contained images. For that, we needed the images to be hosted online. we used https://imgbb.com/. Once uploaded an image, we are provided with an HTML full linked tag. Use it in our HTML editor.

    Once the HTML is ready, paste it to the HTML placeholder at Predictive.

    5. Setup landing page — The landing page is the targeted page an employee will be re-directed when clicking (oh no…) the link.

    6. For testing the campaign, create a new campaign. Fill in the blanks.

    Next, test it by sending the email to a test account by launching a campaign.

    When all seems to be received right, and you’re happy with the HTML template, target your audience and go watch the dashboard to monitor sent and opened emails, and who falls for the link and clicks it.

    Predictive Phishing provides an excellent dashboard for that.

     

     

Contact Our Team

If you still can't find an answer to what you're looking for, or you have a specific question, open a new ticket and we'd be happy to help!

Contact Us
Powered by Uvdesk, an open-source project by Webkul.