Menu English (US) Čeština Dansk Deutsch Español (Latinoamérica) Español (España) Suomi Français (Canada) Français (France) हिंदी Magyar Bahasa Indonesia Italiano 日本語 한국어 Bahasa Melayu Nederlands Norsk Polski Português do Brasil Română Русский svenska ไทย Türkçe Українська Tiếng Việt 简体中文 繁體中文

PhishFlip

Updated:

Created:

PhishFlip

PhishFlip is a PhishER feature that allows your organization to reuse user-reported emails in phishing campaigns in your KMSAT console. PhishFlip will remove all of the malicious elements from the reported emails so that they are safe to send to your users. Any attachments will also be replaced with safe attachments that copy the name and file type from the original reported email.

In order to use the PhishFlip feature, you must have Full PhishRIP security role access enabled on your PhishER platform. To learn how to create and update security roles, see our PhishER Settings article.

Jump to:
Creating KMSAT Templates from PhishER

Creating Automatic PhishFlip Campaigns

Creating Phishing Campaigns with PhishFlip Templates

Reports

 

Creating KMSAT Templates from PhishER

PhishFlip will automatically create a KMSAT phishing template once a PhishFlip is initiated or when you select the Create KMSAT Template option in the PhishER platform.

To create KMSAT templates, you can use the Run drop-down menu, the Message Details page, or the Actions tab. Use the drop-down menu below to view the steps for each method.

Any messages that have been successfully PhishFlipped will appear in your PhishFlip template category under your My Templates section in your KMSAT console.

Method 1: Run drop-down menu

  1. Navigate to PhishER > Inbox.
  2. Click the check box next to the message you want to select. The Run drop-down menu will display in the top-left.
  3. Click the Run drop-down menu.
  4. Click the Create KMSAT Template option. This will create and add the new defanged templates to the PhishFlip category under the My Templates category.

Using this option, you can create a PhishFlip campaign inside of the KMSAT console to include all of your users or specific users and any of your new PhishFlip templates.

You can follow the steps above to create KMSAT Templates from previously created PhishRIP Queries. Navigate to PhishRIP then click the query you want to make templates from and follow steps 2 to 4 from above.

Method 2: Message Details page

  1. Navigate to PhishER > Inbox.
  2. Click a message. This will open the Message Details page.
  3. In the Actions and Discussion sidebar, click the Run drop-down menu.
  4. Click the Create KMSAT Template option. This will create and add the new defanged templates to the PhishFlip category under the My Templates category.

Using this option, you can create a PhishFlip campaign inside of the KMSAT console to include all of your users or specific users and any of your new PhishFlip templates.

You can also perform this action from the PhishRIP Message Details page. Use the SourceID found on the PhishRIP Queries page to open the PhishRIP Message Details. Then, follow step 2 through step 4 above to create a KMSAT phishing template.

Method 3: Actions tab

  1. Navigate to PhishER > Actions.
  2. Name and add a description for the action. We recommend assigning a meaningful name and description to your action.
  3. In the Find Similar Messages section, select the Create a KMSAT Phishing Template option.
  4. (optional) Select the Automatically PhishFlip all found messages option if you would like to PhishFlip all messages triggered by this action. This option becomes available if you have a Security Role with Full PhishRIP access. 

Back to Top

 

Creating Automatic PhishFlip Campaigns

You can create automatic PhishFlip campaigns of specific user-reported emails from the PhishER platform. This can be accomplished from the Inbox, Actions, Message Details, PhishRIP Queries, and PhishRIP Message Details.

Using the Automatically PhishFlip all found messages option is an automated Action. The automatic campaigns created from this process will be for the users who received the non-simulated version of the email. This will include any message that is found during the PhishRIP query and is generated from the automated action.

Note: All of the automatic phishing campaigns will use the default landing page that was set in your KMSAT Account Settings. To learn how to change your default landing page, see our How to Edit Your Account Settings article.
Method 1: Actions

  1. Navigate to PhishER > Actions.
  2. Name and add a description for the action. We recommend assigning a meaningful name and description to your action.
  3. In the Find Similar Messages section, select the Automatically PhishFlip all found messages option if you would like to PhishFlip all messages triggered by this action.

If the Action is set to run automatically, the PhishFlip campaign will run once the Action is triggered. For more information on how to configure your Action to run automatically, see our How Do I Create a Rule and Action in PhishER article.

Note: For campaign setup details, see the Automatic Campaign Details section below.

Method 2: PhishRIP Queries

  1. Navigate to PhishER > PhishRIP.
  2. Click the desired PhishRIP Query ID. This will open the PhishRIP Messages page.
  3. Mark the check box next to the message to see the Run drop-down menu.
  4. Click the Run drop-down menu.
  5. Click the PhishFlip option. This will move the email from the user's mailbox to the Quarantine folder, create a template in KMSAT, then start a PhishFlip campaign.

To find your new phishing campaign in KMSAT, navigate to Phishing > Campaigns and use the PhishFlip filter.

Note: For campaign setup details, see the Automatic Campaign Details section below.

Back to top

 

Automatic Campaign Details

After you create a PhishFlip campaign using one of the methods above, users who received the original, non-simulated version of the reported email will be added automatically. The campaign will run for three days. All of the automatic phishing campaigns will use the default landing page that was set in your KMSAT Account Settings. To learn how to change your default landing page, see our How to Edit Your Account Settings article.

Note: If you want to send a PhishFlip campaign to all of your users, you can create a phishing campaign with your PhishFlip templates.

Back to top

 

Creating Phishing Campaigns with PhishFlip Templates

To create a phishing campaign using your PhishFlip templates, go to the Phishing tab of your KMSAT console and use your PhishFlip templates. For more information on how to create and manage your phishing campaigns, please see our Creating and Managing Phishing Campaigns article.

 

Reports

Using the Include PhishFlip Campaigns drop-down, you can include, exclude, or only show PhishFlip campaign data in your reports. 

If you select the Include PhishFlip option, the report will include data from all our your phishing campaigns, including PhishFlip campaigns.

If you select the Exclude PhishFlip option, the report will include data from all phishing campaigns except for PhishFlip campaigns.

If you select the Only PhishFlip option, the report will include data from only PhishFlip campaigns, excluding all other phishing campaigns.

For more information on how to generate different types of reports using or excluding PhishFlip data, see our How to Monitor and Review Overall Phishing Reports article.

Back to top

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Related articles