This article describes how use the SAFE Phish functionality to quickly and easily turn de-weaponized phishing attacks that specifically targeted their organization into custom Mimecast Awareness Training phishing templates to use as training exercises, and is intended for Administrators.
This functionality is only available if Targeted Threat Protection - URL Protection is enabled on your account.
Automatic Creation of Phishing Templates
With Mimecast Targeted Threat Protection – URL Protection configured, URLs are rewritten at the gateway by Mimecast before they reach a user’s inbox, thereby neutralizing the threat. If a user opens a phishing email and clicks on a rewritten URL, the following occurs:
-
A Targeted Threat Protect block page is displayed with an educational message at the point of risk. See the URL Protect embedded links page for more details.
- The SAFE Score User Risk Human Error grade is updated in Program Overview and the Risk Center. See How Risk Scoring Works.
- The original email with the de-weaponized URL is automatically pulled into Mimecast Awareness Training as a new phishing template with a:
-
- Count of how many users in the organization clicked on the real phishing link.
- Timestamp of the most recent click.
Creating a Custom Template
A log file is created if a Targeted Threat Protection - URL Protection rewritten link is clicked, with its language the same as the original message. For example, if the phishing email is written in French, the log file template is also in French.
You can create a custom template using a deweaponized phishing attack by using the following steps:
- Log in to the Mimecast Awareness Training platform.
- Navigate to Phishing Training | SAFE Phish.
- Choose the log to convert to a template.
- Complete the Template form.
| Field / Option | Description |
| Language | Select a language. Custom templates aren't translated and therefore, the Email Template will need to be manually translated into your chosen language. |
| Template Title | Enter a title for the template to enable you to identify it. |
| Subject | Enter a subject that is displayed in the phishing template's subject (e.g., "Amazon Gift Card"). |
| From Email | Select the email address from which the phishing template is to be sent. |
| Display Name | Enter the display name you want the recipients to see. |
| Difficulty | Select the Difficulty level of out-of-the-box phishing templates. |
| Include Attachment | Toggle to enable the option to add an attachment. |
| Attachment Name | Enter the display name of the attachment, which will be visible to the recipient. |
| Attachment Type | Choose an attachment format from the list (Powerpoint, Excel, Word, or HTML). |
| Category | Select a value from the dropdown to categorize the phishing template. |
| Tags | Enter up to 100 tags. You can search for phishing templates with a tag in the "Real Phishing Attacks" or "User Activity" tabs of the Phishing | Logs menu item. |
| Email Template | Edit the body and footer of the email template as required using the editor's toolbar icons. |
| Landing Page Footer | Edit the body and footer of the email template as required using the editor's toolbar icons. |
- Click on Create.
During the editing process, you can make amendments on the left side and see a preview of your changes on the right side.
Building a New Multi-Stage Campaign
You can build a single or multi-stage phishing campaign to simulate a dangerous URL or a credential harvesting attack by using the following steps:
- Log in to the Mimecast Awareness Training platform.
- Navigate to Phishing Training | Template Library | My Templates.
- Select the required template and click on Edit.
You also have the option to click Copy to copy a template.
- Click Phishing Form.
- Complete the Phishing form:form:
| Field / Option | Description |
| Upload a Logo | Upload a logo to use, maximum size of 2 MB. |
| Insert Background Image | Insert a background image to use, maximum size of 2 MB. |
| Header | You can toggle on the Header field and enter text to use. |
| Field Types | Enter details on the field types provided |
| Add Field | You can use this to add more fields (limited to three items). |
| Footer | You can toggle on the Footer field and enter text to use. |
| Button Label | You can amend the text used on the Button. |
| Colors | You can set the color of the button, form, background and text |
- Click on Done.
Comments
Please sign in to leave a comment.