This article describes how use the SAFE Phish functionality to quickly and easily turn de-weaponized phishing attacks that specifically targeted their organization into custom Mimecast Awareness Training phishing templates to use as training exercises, and is intended for Administrators.
This functionality is only available if Targeted Threat Protection - URL Protection is enabled on your account.
Automatic Creation of Phishing Templates
With Mimecast Targeted Threat Protection – URL Protection configured, URLs are rewritten at the gateway by Mimecast before they reach a user’s inbox, thereby neutralizing the threat. If a user opens a phishing email and clicks on a rewritten URL, the following occurs:
- A Targeted Threat Protect block page is displayed with an educational message at the point of risk. See the URL Protect embedded links page for more details.
- The SAFE Score User Risk Human Error grade is updated in Programme Overview, and Risk Center. See How Risk Scoring Works.
- The original email with the de-weaponized URL is automatically pulled into Mimecast Awareness Training as a new phishing template with a:
-
- Count of how many users in the organization clicked on the real phishing link.
- Timestamp of the most recent click.
Creating a Custom Template
A log file is created if a Targeted Threat Protection - URL Protection rewritten link is clicked, with its language the same as the original message. For example, if the phishing email is written in French, the log file template is also in French.
You can create a custom template using a deweaponized phishing attack, by using the following steps:
- Log in to the Mimecast Awareness Training platform.
- Navigate to Phishing Training | SAFE Phish.
- Choose the log to convert to a template.
- Complete the Template form.
Field / Option Description Display Title Enter a title for the template to enable you to identify it. Subject Enter a subject that is displayed in the phishing template's subject (e.g. "Amazon Gift Card"). From Email Select the email address from which the phishing template is to be sent. Keyword Specify a keyword that is appended to the source email address (e.g. "<keyword><from email>"). Category Select a value from the dropdown to categorize the phishing template. Tags Enter up to 100 tags. You can search for phishing templates with a tag in the "Real Phishing Attacks" or "User Activity" tabs of the Phishing | Logs menu item. Email Template Edit the body and footer of the email template as required using the editor's toolbar icons. Landing Page Footer - Click on Create.
During the editing process, you can make amendments in the left side, and see a preview of your changes on the right side.
Building a New Multi-Stage Campaign
You can build a single or multi-stage phishing campaign to simulate a dangerous URL or a credential harvesting attack, by using the following steps:
- Log in to the Mimecast Awareness Training platform.
- Navigate to Phishing Training | Template Library | My Templates.
- Select the required template and click on Edit.
You also have the option to click Copy to copy a template.
- Click Phishing Form.
- Complete the Phishing form:
| Field / Option | Description |
|---|---|
| Upload a Logo | Upload a logo to use, maximum size of 2 MB. |
| Insert Background Image | Insert a background image to use, maximum size of 2 MB. |
| Header | You can toggle on the Header field, and enter text to use. |
| Field Types | Enter details on the field types provided |
| Add Field | You can use this to add more fields (limited to three items). |
| Footer | You can toggle on the Footer field, and enter text to use. |
| Button Label | You can amend the text used on the Button. |
| Colors | You can set the color of the button, form, background and text |
- Click on Done.
Comments
Please sign in to leave a comment.