There are many ways you can automate phishing security tests using Smart Groups. In this video, we discuss how to create three Smart Groups to target in your tiered, or incremental, phishing campaigns.
This plan assumes that you will phish your users at least once per month. It begins by testing your users with the lower-difficulty rating templates, then, progressively moves toward the more sophisticated templates, as users learn how to detect the red flags of social engineering.
If users fail a phishing test under this plan, they're subsequently tested at a level below the phishing campaign they were a member of at the time of failure. Once users pass additional tests, they once again advance to the phishing campaign at the next difficulty level.
Note:As an alternative to this workflow, we've designed a simplified dynamic phishing test plan. The plan begins testing users with harder templates, but after one failure users are tested with easier phishing templates. For more information, see Videos: Automated Phishing and Remedial Training with Smart Groups.
If you choose to roll out this incremental phishing plan, watch the video below to create your Smart Groups. Then, see the details outlined below the video when you're ready to create the necessary phishing campaigns.
After creating the Smart Groups outlined in this video, create three phishing campaigns–one for each Smart Group. When creating your campaigns, use the image shown below for guidance. Pay attention to the following phishing campaign settings:
- Name: Use a descriptive phishing campaign name that reflects the Smart Group that is targeted under the campaign.
- Deliver To: Be sure to select the appropriate Smart Group for the campaign you're creating.
- Frequency: Select Monthly, or a more frequent interval to send phishing security tests.
- Difficulty Rating: Select the appropriate range of 1-5 star templates to correspond with the Smart Group that is targeted under the campaign.