Working with PhishRIP and PhishFlip

PhishFlip Guide

With PhishFlip, you can use users’ reported emails to create phishing templates for your KMSAT console. You can also create automatic PhishFlip phishing campaigns. When turning a reported email into a phishing template, PhishFlip removes the potentially malicious elements in the email.

Important:PhishFlip does not remove images in emails. If you use PhishFlip to turn a message containing a QR code or other image into a phishing template, KMSAT retains the original QR code or image in the template.
Important:In order to use the PhishFlip feature, you must have Full PhishRIP Security Role. To learn how to create and update Security Roles, see the Roles section of our PhishER Settings article.

Creating KMSAT Templates with PhishFlip

In your PhishER platform, there are three places where you can create KMSAT templates: the Run drop-down menu, the Message Details page, or the Actions tab. See the subsections below for steps for each of these methods.

Note:Any messages that have been turned into templates with PhishFlip will display in your KMSAT console. To find PhishFlip templates in your KMSAT console, navigate to the Phishing tab. Then, navigate to Email Templates > My Templates and select the PhishFlip category.

Method 1: Run Drop-Down Menu

To create a KMSAT template from the Run drop-down menu, follow the steps below:

  1. Log in to your PhishER platform.
  2. Navigate to the Inbox tab.
  3. Click the check box next to the messages you would like to turn into a phishing template. Select a message
  4. Click the Run drop-down menu in the top-left corner of the page.
  5. Click Create KMSAT Template. When you click this button, PhishFlip will create and add the new template to your KMSAT console.Create KMSAT Template
Tip:You can also create KMSAT templates from PhishRIP queries that you have created. To create a template from a PhishRIP query, navigate to the PhishRIP tab of your PhishER platform and click the query you want to use as a template. Then, follow step two through step four above.

Method 2: Message Details Page

To create a KMSAT template from the Message Details page, follow the steps below:

  1. Log in to your PhishER platform.
  2. Navigate to the Inbox tab.
  3. Click a message to open the Message Details page.
  4. In the Actions and Discussion sidebar, click the Run drop-down menu.
  5. Click Create KMSAT Template. When you click this button, PhishFlip will create and add the new template to your KMSAT console.
Tip:You can also perform this action from the PhishRIP Message Details page. Use the SourceID found on the PhishRIP Queries page to open the PhishRIP Message Details page. Then, follow step two through step four above to create a KMSAT phishing template.

Method 3: Actions Tab

To create a KMSAT template from the Actions tab, follow the steps below:

  1. Log in to your PhishER platform.
  2. Navigate to the Actions tab.
  3. In the top-right corner of the page, click New Action to open the Action Details page. New Action
  4. Enter a name and a description for the action. We recommend assigning a meaningful name and description to your action.
  5. Click the 7. Find Similar Messages drop-down menu, then select the Create a KMSAT Phishing Template option.
    Important:The options in this step will not be available if Every Message is selected in 1. Choose how this action should be triggered.
    Create a KMSAT Phishing Template option
  6. (Optional) Select the Automatically PhishFlip all found messages option if you would like to use PhishFlip for all messages triggered by this action.
  7. Click Save Action.

Creating Automatic PhishFlip Campaigns

In your PhishER platform, there are two ways to create an automatic PhishFlip campaign: the Actions tab and the PhishRIP Queries page. See the subsections below for steps for each method.

Note: All of the automatic phishing campaigns will use the default landing page from your KMSAT Account Settings. To learn how to change your default landing page, see our KMSAT Account Settings: Phishing article.

Method 1: Actions Tab

To create an automatic PhishFlip campaign from the Actions tab, follow the steps below:

  1. Log in to your PhishER platform.
  2. Navigate to the Actions tab.
  3. Enter a name and a description for the action. We recommend assigning a meaningful name and description to your action.
  4. Click the 7. Find Similar Messages drop-down menu, then select the Automatically PhishFlip all found messages.
    Note:When the Automatically PhishFlip all found messages option is selected, PhishER uses the emails found by PhishRIP queries to automatically create phishing templates and start phishing campaigns in KMSAT. The automatic phishing campaigns send the simulated phishing emails to the users who received the original, malicious emails.
  5. Click Save Action.

If the action is set to run automatically, the PhishFlip campaign will run once the action is triggered. To learn how to configure your action to run automatically, see our How to Create and Manage PhishER Actions article.

Note:For campaign setup details, see the below Automatic Campaign Details subsection.

Method 2: PhishRIP Queries Page

To create an automatic PhishFlip campaign from the PhishRIP Queries page, follow the steps below:

  1. Log in to your PhishER platform.
  2. Navigate to the PhishRIP tab.
  3. In the ID column, select the query you want to make a campaign from to open the PhishRIP Messages page.
  4. Select the check box next to the messages that you would like to include in the campaign.
  5. Click the Run drop-down menu in the top-left corner of the page.
  6. Select PhishFlip. When you select this option, PhishFlip will move the emails from the users' inboxes to the Quarantine folder, create a KMSAT phishing template, and then start a PhishFlip campaign.

To find your new phishing campaign in your KMSAT console, select the Phishing tab and navigate to Campaigns > PhishFlip.

Note:For campaign setup details, see the below Automatic Campaign Details subsection.

Automatic Campaign Details

After you create a PhishFlip campaign, users who received the original email will be automatically added to the campaign. The campaign will run for three days and will use your default landing page. To learn how to change your default landing page, see our KMSAT Account Settings: Phishing article.

Note:If you want to send a PhishFlip campaign to all of your users, you can create a phishing campaign with your PhishFlip templates.

Creating Phishing Campaigns with PhishFlip Templates

To create a phishing campaign using your PhishFlip templates, log in to your KMSAT console and click the Phishing tab. Then, navigate to Email Templates > My Templates and select the PhishFlip category.

For more information on how to create and manage your phishing campaigns, see our Creating and Managing Phishing Campaigns article.

Viewing Reports with PhishFlip Campaign Data

In your KMSAT account, you can create and view reports about your phishing campaigns. You can customize the report on the Phishing Security Test page to include your PhishFlip campaign data.

To customize this report with your PhishFlip campaign data, follow the steps below:

  1. Log in to your KMSAT console.
  2. Navigate to Phishing > Reports.
  3. Select the Include PhishFlip Campaigns drop-down.
  4. Select an option from the Include PhishFlip Campaigns drop-down menu. For more information about these options, see the screenshot and list below: Include PhishFlip Campaigns drop-down menu
    • Include PhishFlip: Select this option to include data from all of your phishing campaigns in your report, including PhishFlip campaigns.
    • Exclude PhishFlip: Select this option to include data from all phishing campaigns in your report, except for PhishFlip campaigns.
    • Only PhishFlip: Select this option to only include data from PhishFlip campaigns in your report.

For more information about the report on the Phishing Security Test page, see our How to Monitor and Review Overall Phishing Reports article.

Can't find what you're looking for?

Contact Support
circle-arrow-up