Customizing Emails and Landing Pages

We offer a variety of built-in phishing emails and landing pages within the KMSAT console, but you also have the option to create and manage your own phishing emails and landing pages. To learn how to customize your own phishing emails and landing pages, see the sections below or watch our Customization of Phishing Templates and Landing Pages video.

Jump to:
Managing Phishing Email Templates

          My Templates

          System Templates

          Community Templates

Creating and Editing Email Templates

          Moving a Template from the Drafts Category

          Why Can't I Upload Images to Phishing Templates?

Managing Landing Pages
Creating and Editing Landing Pages

Managing Phishing Email Templates

In your KMSAT console, you can manage your phishing email templates and view the templates that we offer. To manage your phishing email templates, follow the steps below:

1. In your KMSAT console, navigate to the Phishing tab.
2. Select Email Templates.
3. Select the section of templates that you would like to view. You can choose from three sections: My Templates, System Templates, and Community Templates. To learn more about each of these template sections, see the subsections of this article below.

Back to Top

My Templates

In the My Templates section, you can view all the templates that you have created or edited, view any custom template categories that you’ve added, and create a new template. To learn more about the My Templates section, see the screenshot and list below:

1. Drafts: The Drafts category is where your newly created templates are saved by default. However, you cannot select an email template from this category when you create a phishing campaign. To use one of your custom templates in a phishing campaign, you’ll need to move the template from the Drafts category to another category. For steps on how to move a template from the Drafts category to another category, see the Moving a Template from the Drafts Category subsection of this article.
2. Category Options: These icons will display when you hover over a category name. The following options are available:
   • Edit: You can click the pencil icon to edit the category name.
   • Delete: You can click the trashcan icon to delete the category. Any templates that were included in a deleted category will be moved back to the Drafts category.
   • Hide: You can turn on the toggle to remove the category from the My Categories list. You cannot use templates from a hidden category in your phishing campaigns. For more information about hiding template categories, see our How Do I Hide Templates or Categories I Don't Want to Use? article.
3. + Add New Category: You can click this button to create a new category. When you click this button, enter a name for your category and click Save.
4. Selected Templates: If you select a check box next to a template name, the Selected Templates header will open at the top of the section. From this header, you can move, share, and delete selected templates. To learn more about each of these actions, see the list below:
   • Share: You can click the arrow icon to submit the selected template or templates with the community. All templates are moderated before they are added to Community Templates.
   • Export: You can click the upward arrow icon to export a CSV file of the selected templates. 
   • Delete: You can click the trashcan icon to permanently delete the selected template or templates.
   • Move to Category: You can click this drop-down menu to move the selected templates to a different category. Select the category, then click Move.
5. Template Name: If you click the name of the template, the template will open in our What You See is What You Get (WYSIWYG) editor.
6. Actions: In this column, you can choose to preview, hide, or show templates. For more information about these actions, see the list below:
   • Preview Template: You can click the eye icon to preview the template. When you click this icon, a pop-up window will open and you can see what the template will look like in your users' inboxes. When previewing the template, you will see the Send Me a Test Email button in the top-right corner of the template preview window. Clicking this button will send an example of the template you are previewing to your email address.
     
     Note: We do not recommend using the Send Me a Test Email button to test your whitelisting permissions. The test email that is sent using this button will look like a phishing campaign email, but it will not have all of the same functionalities as a campaign email. To thoroughly test whitelisting, we recommend creating a test phishing campaign, as outlined in our Quickstart Implementation Guide.
   • Hide or Show Template: You can click the toggle to remove the template from view and disable the use of this template within your phishing campaigns. For more details about hiding templates, see our How Do I Hide Templates or Categories I Don't Want to Use? article.
7. Search: In the Search bar, you can search for a specific template by entering keywords from the template title. You can also sort templates by clicking the table headers.
8. +Create Phishing Template: You can click this button to open the New Phishing Email Template window.

Back to Top

System Templates

In the System Templates section, you can find professionally-created templates that you can use in your phishing campaigns. You can also edit these templates to customize them for your organization. To learn more about the System Templates section, see the screenshot and list below:

1. System Categories: In this menu, you can find our professionally-created templates, which are organized by type and by language. You can click on a category to see a list of the phishing email templates within the category.
2. Hide: Click the toggle to remove it from view and disable the use of this category within your phishing campaigns. For more information about hiding template categories, see our How Do I Hide Templates or Categories I Don't Want to Use? article.
3. Selected Template: If you select the check boxes next to templates that you would like to add to your custom categories, the Selected Templates header will open at the top of the section. Select the category that you would like to add the template or templates to, then click Add.
4. Template Name: If you click the name of the template, the template will open in our What You See is What You Get (WYSIWYG) editor. When you edit one of our system templates, a copy of the template is made and the original system template will remain unchanged. Once saved, the edited template will be added to your Drafts category under My Templates and the original template will remain in the System Templates section. 
5. Sort: You can click on the column headers to sort the templates. You can sort by difficulty rating to decide how difficult the phishing tests will be for your users to detect, or you can sort by date to find the newest templates within a category.
6. Actions: In this column, you can choose to preview, hide, or show templates. For more information about these actions, see the list below:
   • Preview Template: You can click the eye icon to preview the template. When you click this icon, a pop-up window will open and you can see what the template will look like in your users' inboxes. When previewing the template, you will see the Send Me a Test Email button in the top-right corner of the template preview window. Clicking this button will send an example of the template you are previewing to your email address.
     
     Note: We do not recommend using the Send Me a Test Email button to test your whitelisting permissions. The test email that is sent using this button will look like a phishing campaign email, but it will not have all of the same functionalities as a campaign email. To thoroughly test whitelisting, we recommend creating a test phishing campaign, as outlined in our Quickstart Implementation Guide.
   • Hide or Show Template: You can click the toggle to remove the template from view and disable the use of this template within your phishing campaigns. For more details about hiding templates, see our How Do I Hide Templates or Categories I Don't Want to Use? article.
7. Search: In the Search bar, you can search for a specific template by entering keywords from the template title. You can also sort templates by clicking the table headers.

Back to Top

Categories with a (Not PST) Label

In our System Templates, there are a couple template categories that contain templates that are not intended to be used in Phishing Security Tests (PSTs). We offer two types of system templates that are not intended to be used as PSTs: our Security Hints & Tips newsletter and our Scam of the Week newsletter. The categories that contain these templates have a (Not PST) label at the end of the template name.

Our Security Hints & Tips newsletters and Scam of the Week newsletters contain information about common or popular security threats and how to stay safe from these threats. For more information about these newsletters, see our What Is the Security Hints and Tips Newsletter? article and our What Is the Scam of the Week? article.

Back to Top

Community Templates

In the Community Templates section, you can find templates submitted by other KnowBe4 users. Before these templates are added to the Community Templates category, they are reviewed by our KnowBe4 team and verified for quality. When you create a phishing campaign, templates from this category will not appear in the Template Categories drop-down menu by default.

To move a community template to another category so that you can use the template in a phishing campaign, follow the steps below:

1. From the Community Templates template list, select the check box next to one or more email templates that you would like to use.
2. Click the Add to Category drop-down menu at the top-right corner of the section and select which categories you would like to add the template or templates to.
3. Click the Add button. After you click this button, the template or templates will be added to the categories you selected.

We encourage our customers to create their own phishing email templates for the most effective phishing tests. If you create a template that you think would be useful to other organizations, you can share the template with your community by following the steps below:

1. Navigate to the My Templates section.
2. Select the check box next to the template that you would like to share.
3. Click the arrow icon in the header that opened at the top of the section. After you click this icon, the template will be submitted for approval.

Back to Top

Creating and Editing Email Templates

In the My Templates area, you are given the option to create your own email templates from scratch. Click the + Create Phishing Template button in the upper right-hand corner of the screen. This launches the WYSIWYG editor.

1. Language (optional): From this drop-down menu, you can select which language this template was written in. Templates with a language selected will be available for use in localized phishing campaigns.
   • When copying a system or community template, this drop-down will automatically populate with the language for that template. 
2. Template Name (optional): You can give your template a name to help you identify it. This field is not visible when users receive the phishing email.
3. Sender's Email Address: Use this field to change the address the email will appear to be coming from. You can use any email address you’d like.
4. Sender's Name (optional): You can enter a Sender’s Name which will appear on the phishing email. This name will be displayed next to the sender’s email address in the email.
5. Reply-To Email Address (optional): You can add an email address that you would like the user to reply to when they click “Reply”. This email address will be overwritten by our system-generated email address so we can capture replies if you have our Reply-To feature turned on. When a user clicks reply, they will see the system-generated email address in the “To” field.
6. Reply-To Name (optional): Enter text here to add a reply-to name. This name will only be used if you use our Reply-To feature. When a user replies to this email, the “To” field will automatically populate with the name you entered in this field.
7. Subject: This is the email’s subject line that the recipient will see in their inbox. This field will also be used as the title of the template if you do not enter a template name.
8. Attachment Filename (optional): If you use an attachment, use this field to enter a name for the attachment. An example template would prompt the user to open the file, i.e. “Payroll Q4” or “Revised layoff list”. You do not need to include the file extension in the file name. You cannot use placeholders in attachment filenames.
9. Attachment Type (optional): If you would like to add one of our attachments to your custom phishing email, specify the type of attachment you want to use. See our Creating and Managing Phishing Campaigns article for more information on Attachment Tests.
   
   Note: When resizing images, always edit the "width" and "height" values in the image's style tag. For more information, see this article.

10. Source: Click this button to switch to a Source code view of your template. If you are familiar with HTML, you can use this view to create your template instead of the WYSIWYG editor.
11. Image: This button allows you to add an image to your phishing template. You must use externally hosted images, meaning you must insert a publicly available URL into the URL field after clicking the button. Use the height and width fields to resize the image. For information on why we only allow public URLs, please see the Why Can't I Upload Images to Phishing Templates? section below.
12. Placeholder: The Placeholder options will automatically populate the template with your user and organization information or random values, depending on which placeholder you select. For the user information placeholders, such as First and Last Name and Manager Name, you must have added that information about the user to the console. That information can be added with a CSV import or with Active Directory Integration. For more information on placeholders, see our How To Use Placeholders article.
13. Phish Link: Our Phish Link button allows you to add a phishing link in the body of the email. The Phish Link button is already added in our system templates, but when customizing or creating templates, you will need to do the following:
    • Type the text you wish to make into a phishing link, then highlight the text and click the Phish Link button to turn it into a phishing link. If you create an HTML link in a phishing template, our system will automatically change the links to phishing links for security purposes.
14. QR Code: This button allows you to add a QR code to your phishing template. Your users will be redirected to a landing page if they scan the QR code. For more information, see our How to Use QR Code Phishing Security Tests article.
15. Red Flag: Platinum and Diamond customers can use our Red Flag (Social Engineering Indicators) button to add a hint to the user who clicks a link on this phishing email as to why the user should have been alerted this email was potentially dangerous. For more details on how to add red flags, and recommended practices, click here to view our SEI Product Manual.
16. Body: ln the body of your phishing template, add any text that you'd like. There are simple text formatting options you can use to customize the appearance of your template. You can easily add tables, lines, and more by using the buttons available in the WYSIWYG.
17. Landing Page: This is the page your users will be redirected to if they click on your phishing link. You can choose from our system landing pages or your own custom landing pages. You can also set a default landing page under your Account Settings which will be used across all phishing campaigns automatically.
    Note: If you select a landing page when creating a phishing campaign, it will override the template-specific landing page you've chosen in the WYSIWYG editor and your default landing page.
18. Choose a Landing Domain: The landing domain is the web address the user will see on the landing page. The domains you can pick from are all KnowBe4-owned domains. Changing the landing domain can be helpful if you are also using one of our “phishing for sensitive information” landing pages. We have domains that can appear legitimate and make the user feel more comfortable about entering their username, password, or any other information the page is requesting. You can also set a default landing domain under your Account Settings which will be used across all phishing campaigns automatically.
    
    Note: We do not keep or track what your users enter on data-entry style pages.
19. Difficulty Rating: You can assign a difficulty rating to your custom phishing email templates. The difficulty rating will indicate how difficult that particular phishing email will be for your users to identify.

Back to Top

Moving a Template from the Drafts Category

When you create a custom template, the template will be moved to the Drafts category of your My Templates section automatically. To use a custom template in a phishing campaign, you'll need to move the template from the Drafts category to any of the other categories in the My Templates section.

To move a template from the Drafts category to another category, follow the steps below:

1. From the list of categories on the far-left corner of the My Categories section, click Drafts.
2. Select the check box next to the template or templates that you would like to move to a new category. When you select the chex box, a Selected Templates header will display at the top of the section.
3. In the Selected Templates header, click the Move to Category drop-down menu.
4. From the drop-down menu, select the category that you would like to add the selected template or templates to.
5. Click Move.

Once you follow these steps, your template will be moved from the Drafts category to the category that you selected.

Back to top

Why Can't I Upload Images to Phishing Templates?

Out of our respect for intellectual property rights, we take steps to minimize the need for you to reproduce your copyrighted works in order to display them in your simulated phishing email templates.  Using the linking method, instead of embedding your images or uploading your images for us to host, serves two mutually beneficial purposes: (1) we provide a means for you to make more realistic simulated phishing email templates that may help preserve the integrity and proportions of the images you add to your templates; (2) despite the limited license you grant us to use the images you input in your console to provide our services to you (and in turn make available to your users), linking decreases the amount of "Customer Content" you have to share with us to achieve the same outcome.  This keeps both of our legal teams happy.

Back to Top

Managing Landing Pages

Landing pages are the pages your users see after they click on a phishing link in an email. From the Landing Pages tab, you can create your own custom landing pages and view our system landing pages.

Landing Pages Area

My Landing Pages:
Once you create your own custom landing pages, this area will show a list of your landing pages. You can edit them by clicking on the title or preview them by clicking the "eyeball" icon. To delete a landing page, select the checkbox next to the title and click the trash can icon.

Categories:
This area lets you create and manage your own landing page categories.

System Landing Pages:
This area contains the built-in landing pages KnowBe4 has created for your use. You can select a category to see a list of its landing pages.

To preview the landing page, click the "eyeball" icon.

You can sort the landing pages by the date they were last updated. Sorting this way allows you to find the newest Landing Pages.

You cannot share landing pages outside of the console using the preview URL or the URL within the text box. To share a landing page, you must set up a test phishing campaign with the user you'd like to share the landing page with. Alternatively, you can take a screenshot of the landing page you would like to share.

Click on the name of any landing page to open it in the WYSIWYG editor and edit it to your needs. If you save a landing page, it will create a copy under the “My Landing Pages” area. You will need to categorize it for it to show as an option when creating phishing campaigns.

Back to Top

Creating and Editing Landing Pages

In the My Landing Pages area, you have the option to create your own landing pages from scratch. Click the +New Landing Page button in the upper-right corner of the screen to open the landing page editor. You can place whatever content you wish here; however, any images you use must be hosted externally. Do not drag and drop images onto the editor.

If you want to create a landing page that tries to get the user to enter sensitive information, it is recommended you read our Working With Data Entry Landing Pages article for more information.

WYSIWYG Landing Page Editor Interface

1. Title: Give your landing page a title. This title will show in the My Landing Pages interface as well as in the Landing Page drop-down menu when creating a phishing campaign.
2. Source: Click this button to switch to the source code view of the landing page. If you're familiar with HTML, you can use this view to create the landing page.
3. Image: Click here to add an image to your landing page. You must use externally hosted images, meaning you must insert a publicly available URL into the URL field. You can also resize your image using the height and width fields.
4. Placeholder: The placeholder options automatically populate the landing page with your user and organization information. For the user information placeholders, such as First and Last Name or Manager Name, you must have added that user information to the console. This could be with a CSV import or with Active Directory Integration. For more information, see our How To Use Placeholders article.
5. SEI Placeholders: The SEI feature is available to Platinum and Diamond subscription levels. It allows you to use the landing page as a point-of-failure training exercise, showing your user exactly what Social Engineering Indicators, or red flags, they overlooked when they clicked on a simulated phishing email. This placeholder is embedded into the landing page and points out the details that should have alerted the user that the landing page wasn't a legitimate site. See our Social Engineering Indicators article for more information.
6. Body: Add any text that you'd like. You can also add tables, lines, and more by using the buttons available in the WYSIWYG.

Back to Top