Menu English (US) Čeština Dansk Deutsch Español (Latinoamérica) Español (España) Suomi Français (Canada) Français (France) हिंदी Magyar Bahasa Indonesia Italiano 日本語 한국어 Bahasa Melayu Nederlands Norsk Polski Português do Brasil Português (Portugal) Română Русский svenska ไทย Türkçe Українська Tiếng Việt 简体中文 繁體中文

How to Create and Edit Email Templates and Landing Pages

Updated:

Created:

Creating and Editing Email Templates and Landing Pages

In your KMSAT console, you can create and edit phishing email templates and landing pages from the Phishing tab. You can then use these templates and landing pages in phishing campaigns to test your users. To learn more about creating phishing email templates and landing pages, read the sections below or watch our Customization of Phishing Templates and Landing Pages video.

Jump to:

Creating and Editing Phishing Email Templates

Creating and Editing Landing Pages

Why Can't I Upload Images to Phishing Templates?

 

Creating and Editing Phishing Email Templates

In your KMSAT console, you can create and edit phishing email templates. To create or edit a template, follow the steps below:

  1. In your KMSAT console, navigate to the Phishing tab.
  2. Select the Email Templates subtab.
  3. To create a new email template, click the +Create Phishing Template button. To edit an existing template, click the name of that template.

When you click the +Create Phishing Template button or the name of an existing template, the template editor will open. From here, you can create or edit the template. See the images below for more information on how you can customize your phishing email template.

Tip: The sections that have the Add a Red Flag text below them allow you to add red flags to those elements. Click the Add a Red Flag text to open a modal. You can enter the text you want to show along with the explanation of why it’s a red flag. This will help your users understand what red flags are from live examples in a detailed format.

  1. Language (Optional): From the drop-down menu, you can select the language for your template. While this is an optional step, templates with a language selected are available for use in localized phishing campaigns.
Note: When copying a system or community template, this field will populate with the language that template uses.
  1. Template Name: Enter a name for your email template in this field. The name you choose will not be visible to your users.
  2. Sender's Email Address: Enter an email address to show who sent the phishing email. You can choose any email address you would like, and users will see this email address in the email.
  3. Sender's Name (Optional): Enter a sender name to show who sent the email. You can choose any sender name you would like, and users will see this sender's name in the email.
  4. Reply-To Email Address (Optional): Enter an email address you would like your users to reply to when replying to a simulated phishing email. If you have enabled reply-to phishing, this email address will be overwritten by our system-generated email address so that we can capture replies. For more information on reply-to phishing, see our How to Use Reply-To Phishing article.
  5. Reply-To Name (Optional): Enter a name you would like to have users see when replying to a simulated phishing email. When a user replies to this email, the To field will automatically populate with the name you entered in this field.
  6. Subject: Enter the subject line that your users will see in their inboxes. This field will be used as the template’s name if you do not enter a template name.
  7. Attachment File Name (Optional): Enter a name for any attachments you would like to use in your email. The name can include placeholders.
  8. Attachment Type (Optional): Select the attachment type you would like to use from the drop-down menu.

  1. Source: Click the Source button to switch to a source code view. If you're familiar with HTML, you can use this view to create the template.
  2. Image: Click the image icon to open an image editor. You can only use externally hosted images, which means that you must insert a publicly available URL into the URL field after clicking the button. You can also add alternative text here for accessibility.
Note: When resizing images, always edit the width and height in the image's style tag. For more information on image resizing and why we only allow publicly available URLs, see the Help! The Images in My Phishing Template Are Not Showing Up Correctly article.
  1. Placeholder: Placeholders automatically populate the template with specific information. For placeholders to work properly, you must add user information such as user and manager names to your KMSAT console ahead of time. For more information on placeholders, see our How To Use Placeholders article.
  2. Phish Link: Add a phishing link to the email body. For steps on how to create a phishing link, follow these steps:
    • In the text field, enter the text you want to make into a phishing link. Then, highlight the text and click the Phish Link button to turn it into a phishing link. If you create an HTML link in a phishing template, our system will automatically change the link to a phishing link for security purposes.
  3. QR Code: Click the QR Code button to add a QR code to your phishing template. For more information on QR codes, see our How to Use QR Code Phishing Security Tests (PSTs) article.
  4. Red Flag: Platinum and Diamond customers can use our Red Flag button to explain what the social engineering indicators were in the phishing email. For more details on how to add red flags and recommended practices, see our Social Engineering Indicators (SEI) article.
  5. Body: Enter the text you want to display in your phishing email template. The What You See Is What You Get (WSYWIG) editor provides options for customizing your email template. You can add tables, lines, and more by using the buttons available in the WYSIWYG editor.
  6. Landing Page: Select a landing page from the drop-down menu. This page is where your users will be redirected if they fail a phishing test. You can choose from our system landing pages or your custom landing pages. 
Note: If you select a landing page when creating a phishing campaign, it will override the template you created/edited and the default landing page.
  1. Landing Domain: Select a web address from the drop-down menu that the user will see on the landing page. Changing the landing domain can be helpful if you are also using one of our Phishing for Sensitive Information landing pages. You can set a default landing domain on your Account Settings page, which will apply to all email templates you create.
  2. Difficulty Rating: You can assign a difficulty rating to your custom phishing email templates. The difficulty rating will show how difficult that particular phishing email will be for your users to identify.

Back to top

 

Moving a Template from the Drafts Category

When you create a phishing email template, it gets added to the Drafts category under My Templates. To use your template in a phishing campaign, you'll have to move the template from the Drafts category to any of the other categories in the My Templates section. Follow the steps below to move your template:

  1. In your KMSAT console, navigate to Phishing > Email Templates.
  2. In the My Categories section, click Drafts.
  3. Select the check box next to the template you want to move to a new category. A Selected Templates header will display at the top after selecting the check box.
  4. In the Selected Templates header, click the Move to Category drop-down menu.
  5. From the drop-down menu, choose the category you want to use for your selected template.
  6. Click Move.

Back to top

 

Creating and Editing Landing Pages

In your KMSAT console, you can create and edit landing pages. To create or edit a landing page, follow the steps below:

  1. In your KMSAT console, navigate to the Phishing tab.
  2. Select the Landing Pages subtab.
  3. To create a new landing page, click the +Create Landing Page button. To edit an existing landing page, click the name of that landing page.

When you click the +Create Landing Page button or the name of an existing landing page, the landing page editor will open. From here, you can create or edit the landing page. See the images below for more information on how you can customize your landing page.

  1. Title: Enter a title for your landing page here. This title will display in the My Landing Pages section of the Landing Pages subtab and in the Landing Pages drop-down menu when you create a phishing campaign.
  2. Source: Click the Source button to switch to a source code view. If you're familiar with HTML, you can use this view to create the landing page.
  3. Image: Click the image icon to open the image editor. You must use externally hosted images, which means that you must insert a publicly available URL into the URL field after clicking the button. You can also add alternative text here for accessibility.
Note: When resizing images, always edit the width and height in the image's style tag. For more information on image resizing and why we only allow publicly available URLs, see the Help! The Images in My Phishing Template Are Not Showing Up Correctly article.
  1. Placeholder: Placeholders automatically populate the template with specific information. For placeholders to work properly, you must add user information such as user and manager names to your KMSAT console ahead of time. For more information on placeholders, see our How To Use Placeholders article.
  2. SEI Placeholders: The Social Engineering Indicators (SEI) feature is available to Platinum and Diamond subscription levels. It allows you to show your users exactly what SEIs, or red flags, they overlooked when they clicked a simulated phishing link. For more information, see our Social Engineering Indicators (SEI) article.
  3. Body: Enter the text you want to display on your landing page. The What You See Is What You Get (WSYWIG) editor provides options for customizing your landing page. You can add tables, lines, and more by using the buttons available in the WYSIWYG editor.

Back to top

 

Moving a Landing Page from the Drafts Category

When you create a landing page, it gets added to the Drafts category under My Landing Pages. To use your landing page in a phishing campaign, you'll have to move it from the Drafts category to any of the other categories in the My Landing Pages section. Follow the steps below to learn how you can move your landing pages:

  1. In your KMSAT console, navigate to Phishing > Landing Pages.
  2. In the My Categories section, click Drafts.
  3. Select the check box next to the landing page you want to move to a new category. A Selected Landing Pages header will display at the top of the page after selecting the check box.
  4. In the Selected Landing Pages header, click the Move to Category drop-down menu.
  5. From the drop-down menu, choose the category you want to use for your selected landing page.
  6. Click Move.

Back to top

 

Why Can’t I Upload Images to Phishing Templates?

Out of our respect for intellectual property rights, we take steps to minimize the need for you to reproduce your copyrighted works in order to display them in your simulated phishing email templates. Using the linking method, instead of embedding your images or uploading your images for us to host, serves two mutually beneficial purposes: (1) we provide a means for you to make more realistic simulated phishing email templates that may help preserve the integrity and proportions of the images you add to your templates; (2) despite the limited license you grant us to use the images you input in your console to provide our services to you (and in turn make available to your users), linking decreases the amount of “Customer Content” you have to share with us to achieve the same outcome. This keeps both of our legal teams happy.

Back to top

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Related articles