Phishing Templates and Landing Pages

Create and Edit Email Templates and Landing Pages

In your KnowBe4 console, you can create and edit phishing email templates and landing pages from the Phishing tab. You can then use these templates and landing pages in phishing campaigns to test your users. To learn more about creating phishing email templates and landing pages, read the sections below or watch our Customization of Phishing Templates and Landing Pages video.

Creating and Editing Phishing Email Templates

In your KnowBe4 console, you can create and edit phishing email templates. To create or edit a template, follow the steps below:

  1. In your KnowBe4 console, navigate to the Phishing tab.
  2. Select the Email Templates subtab.
  3. To create a new email template, click the +Create Phishing Template button. To edit an existing template, click the name of that template.

When you click the +Create Phishing Template button or the name of an existing template, the template editor will open. From here, you can create or edit the template. See the images below for more information on how you can customize your phishing email template.

Tip:The sections that have the Add a Red Flag text below them allow you to add red flags to those elements. Click the Add a Red Flag text to open a modal. You can enter the text you want to show along with the explanation of why it’s a red flag. This will help your users understand what red flags are from live examples in a detailed format.

  1. Language (Optional): From the drop-down menu, you can select the language for your template. While this is an optional step, templates with a language selected are available for use in localized phishing campaigns.
    Note: When copying a system or community template, this field will populate with the language that template uses.
  2. Template Name: Enter a name for your email template in this field. The name you choose will not be visible to your users.
  3. Sender's Email Address: Enter an email address to show who sent the phishing email. You can choose any email address you would like, and users will see this email address in the email.
  4. Sender's Name (Optional): Enter a sender name to show who sent the email. You can choose any sender name you would like, and users will see this sender's name in the email.
  5. Reply-To Email Address (Optional): Enter an email address you would like your users to reply to when replying to a simulated phishing email. User replies will be sent to this email address unless reply-to phishing is enabled. When using reply-to phishing, this email address will be overwritten by our system-generated email address so that we can capture replies. For more information on reply-to phishing, see our How to Use Reply-To Phishing article.
  6. Reply-To Name (Optional): Enter a name you would like to have users see when replying to a simulated phishing email. When a user replies to this email, the To field will automatically populate with the name you entered in this field.
  7. Subject: Enter the subject line that your users will see in their inboxes. This field will be used as the template’s name if you do not enter a template name.
  8. Attachment File Name (Optional): Enter a name for any attachments you would like to use in your email. The name can include placeholders.
  9. Attachment Type (Optional): Select the attachment type you would like to use from the drop-down menu.
  10. Source: Click the Source button to switch to a source code view. If you're familiar with HTML, you can use this view to create the template.
  11. Image: Click the image icon to open an image editor. You can only use externally hosted images, which means that you must insert a publicly available URL into the URL field after clicking the button. You can also add alternative text here for accessibility.
    Important: When resizing images, always edit the width and height in the image's style tag. For more information on image resizing and why we only allow publicly available URLs, see the Help! The Images in My Phishing Template Are Not Showing Up Correctly article.
  12. Placeholder: Placeholders automatically populate the template with specific information. For placeholders to work properly, you must add user information such as user and manager names to your KnowBe4 console ahead of time. For more information on placeholders, see our How To Use Placeholders article.
  13. Phish Link: Add a phishing link to the email body. For steps on how to create a phishing link, follow these steps:
    • In the text field, enter the text you want to make into a phishing link. Then, highlight the text and click the Phish Link button to turn it into a phishing link. If you create an HTML link in a phishing template, our system will automatically change the link to a phishing link for security purposes.
  14. QR Code: Click the QR Code button to add a QR code to your phishing template. For more information on QR codes, see our How to Use QR Code Phishing Security Tests (PSTs) article.
  15. Red Flag: Platinum and Diamond customers can use our Red Flag button to explain what the social engineering indicators were in the phishing email. For more details on how to add red flags and recommended practices, see our Social Engineering Indicators (SEI) article.
  16. Body: Enter the text you want to display in your phishing email template. The What You See Is What You Get (WSYWIG) editor provides options for customizing your email template. You can add tables, lines, and more by using the buttons available in the WYSIWYG editor.
  17. Landing Page: Select a landing page from the drop-down menu. This page is where your users will be redirected if they fail a phishing test. You can choose from our system landing pages or your custom landing pages. 
    Important:If you select a landing page when creating a phishing campaign, it will override the template you created/edited and the default landing page.
  18. Landing Domain: Select a web address from the drop-down menu that the user will see on the landing page. Changing the landing domain can be helpful if you are also using one of our Phishing for Sensitive Information landing pages. You can set a default landing domain on your Account Settings page, which will apply to all email templates you create.
  19. Difficulty Rating: You can assign a difficulty rating to your custom phishing email templates. The difficulty rating will show how difficult that particular phishing email will be for your users to identify.

Moving a Template from the Drafts Category

When you create a phishing email template, it gets added to the Drafts category under My Templates. To use your template in a phishing campaign, you'll have to move the template from the Drafts category to any of the other categories in the My Templates section. Follow the steps below to move your template:

  1. In your KnowBe4 console, navigate to Phishing > Email Templates.
  2. In the My Categories section, click Drafts.
  3. Select the check box next to the template you want to move to a new category. A Selected Templates header will display at the top after selecting the check box.
  4. In the Selected Templates header, click the Move to Category drop-down menu.
  5. From the drop-down menu, choose the category you want to use for your selected template.
  6. Click Move.

Previewing and Testing Templates

After you have created a template, you may find it useful to preview the template so that you can see what it will look like for your users.

To preview a template, navigate to Phishing > Email Templates and click the Preview icon under the Actions column for that template.

While previewing a template, you can also use the Send Me a Test Email button to send a copy of the template to your inbox as an email. This feature is useful when creating your own phishing templates since it will allow you to see what the email will look like before sending it to your users in a phishing campaign.

We do not recommend using the Send Me a Test Email button to test your whitelisting. The email that is sent using this button will look like a phishing test email but will not have the same functionality as an email sent from a phishing campaign. Instead, we recommend setting up a preliminary test campaign to ensure the most accurate testing results.

Creating and Editing Landing Pages

In your KnowBe4 console, you can create and edit landing pages. To create or edit a landing page, follow the steps below:

  1. In your KnowBe4 console, navigate to the Phishing tab.
  2. Select the Landing Pages subtab.
  3. To create a new landing page, click the +Create Landing Page button. To edit an existing landing page, click the name of that landing page.

When you click the +Create Landing Page button or the name of an existing landing page, the landing page editor will open. From here, you can create or edit the landing page. See the images below for more information on how you can customize your landing page.

  1. Title: Enter a title for your landing page here. This title will display in the My Landing Pages section of the Landing Pages subtab and in the Landing Pages drop-down menu when you create a phishing campaign.
  2. Source: Click the Source button to switch to a source code view. If you're familiar with HTML, you can use this view to create the landing page.
  3. Image: Click the image icon to open the image editor. You must use externally hosted images, which means that you must insert a publicly available URL into the URL field after clicking the button. You can also add alternative text here for accessibility.
    Important: When resizing images, always edit the width and height in the image's style tag. For more information on image resizing and why we only allow publicly available URLs, see the Help! The Images in My Phishing Template Are Not Showing Up Correctly article.
  4. Placeholder: Placeholders automatically populate the template with specific information. For placeholders to work properly, you must add user information such as user and manager names to your KnowBe4 console ahead of time. For more information on placeholders, see our How To Use Placeholders article.
  5. SEI Placeholders: The Social Engineering Indicators (SEI) feature is available to Platinum and Diamond subscription levels. It allows you to show your users exactly what SEIs, or red flags, they overlooked when they clicked a simulated phishing link. For more information, see our Social Engineering Indicators (SEI) article.
  6. Body: Enter the text you want to display on your landing page. The What You See Is What You Get (WSYWIG) editor provides options for customizing your landing page. You can add tables, lines, and more by using the buttons available in the WYSIWYG editor.

Moving a Landing Page from the Drafts Category

When you create a landing page, it gets added to the Drafts category under My Landing Pages. To use your landing page in a phishing campaign, you'll have to move it from the Drafts category to any of the other categories in the My Landing Pages section. Follow the steps below to learn how you can move your landing pages:

  1. In your KnowBe4 console, navigate to Phishing > Landing Pages.
  2. In the My Categories section, click Drafts.
  3. Select the check box next to the landing page you want to move to a new category. A Selected Landing Pages header will display at the top of the page after selecting the check box.
  4. In the Selected Landing Pages header, click the Move to Category drop-down menu.
  5. From the drop-down menu, choose the category you want to use for your selected landing page.
  6. Click Move.

Limitations on Uploading Your Own Images

Out of our respect for your intellectual property rights, we take steps to minimize the need for you to reproduce your copyrighted works to display them in your templates. Instead of embedding your images or uploading your images for us to host, using the linking method serves two mutually beneficial purposes. First, we provide a means for you to make more realistic templates that may help preserve the integrity and proportions of the your images that you add to your templates. Second, linking your images decreases the amount of content you have to share with us to achieve the same outcome as uploading your images to the console.

Can't find what you're looking for?

Contact Support