PhishingBox allows companies to create their own phishing template using our Phishing Template Editor.
If you are familiar with HTML, CSS, and Bootstrap, you can take your template customization even further. Even if you are not familiar with these technologies, our Phishing Template Editor still provides many tools to assist you in customizing templates to fit your needs. We also have numerous phishing templates instantly ready for you to start testing your employees.
An effective phishing campaign begins with a well-crafted email to lure in your target. Receiving an email from an unknown or suspicious looking email address usually raises a red flag, so you want to make sure your email looks as legitimate as possible. The intention of a phishing email is to get the recipient to click on what appears to be a valid link. An email is usually the starting point of all phishing scams and it is also the easiest to fake and produce. People often overlook the sender’s address and delve straight into the content.
Most legitimate financial services, utilities companies and other businesses will never ask you to provide personal information directly via email. So the key is to make the email experience seem very real with a sense of urgency. Genuine websites will never ask for your private information through email. This is a number one rule that you should always remember. Even if the information they are requesting seems harmless, be wary of giving away any details because they could be used to provide the sender with other clues to gain access, such as the answer to a security question.
The sheer number of emails zipping around cyberspace guarantees that your employees will receive phishing emails. Analysts from the Anti-Phishing Working Group (APWG) recorded more than 1.2 million phishing attacks in all of 2016. That’s an increase of 56% from the year before. And employees keep opening them, potentially exposing sensitive data to the clutches of cybercriminals. Assess your company’s organizational culture and then deploy anti-phishing as part of a comprehensive program of security behavior management and education. The best results come from using simulated phishing campaigns as ways to find members of your organization who need training the most.
What makes up a phishing template?
The phishing email is the lure of your PhishingBox template. The PhishingBox Template Editor allows for you to dress the email to your liking to reel in targets. Each of our templates contains a phishing hook that will pull an unsuspecting target to your customized phishing landing page.
Creating a landing page is just as important as creating a phishing email. The landing page is what employees see if they click on the link in the email or fill out the data entry form and is intended to be both a “gotcha” as well as an incentive for them to learn more.
Simulated attacks can help convince users to take training. Our results have shown that users who fall for more sophisticated emails are 90% more likely to complete follow-up education, which is critical for long-term behavior change.