If you are trying to create a phishing test using a Phishing For Sensitive Information template, then we recommend adding a secondary or final landing page.
The secondary or final landing page is the landing page that users will see if they enter sensitive information such as login credentials. For example, you could choose a landing page that informs users that they failed the phishing test. You could also use any web page that you would like.
To add a final landing page, follow the steps below:
- After logging into your KMSAT console, navigate to Phishing > Landing Pages > System Landing Pages.
- Locate the landing page you'd like to use as your secondary or final landing page. Click the Copy the landing page URL option in the Actions column of that landing page.
- Once you've copied the URL, select Phishing for Sensitive Information from the System Categories menu on the left side of the page.
- Click the Phishing for Sensitive Information landing page that you'd like to use as the primary landing page. This will be the landing page that users see when they first click the phishing link in the email.
- Click the Source button at the top-left corner of the What You See Is What You Get (WYSIWYG) editor.
- Locate the <form action> tag element in the source code of this initial landing page. This element represents the action that will occur when a user submits the data entry form of the landing page.
Note: Landing pages can have more than one <form action> tag element in their source code. Ensure that you locate each <form action> tag element in the landing page’s source code.
- Find the URL in quotes in the <form action> tag element. Delete this URL, then paste the URL that you copied in step two. Make sure the URL that you paste is contained within the quotes. If your landing page has more than one <form action> tag element, you’ll need to update the URL for each tag element. For an example, see the code below:
<form action="https://https.protected-forms.com/pages/domain/XXXXXXXXXX" id="loginform" method="POST"><input id="uname" name="uname" placeholder="Email or phone" required="" type="text" /> <input id="password" name="password" placeholder="Password" required="" type="password" />
<div class="checkWrap"><input id="remember" name="remember" type="checkbox" value="0" /> <label for="remember">Keep me signed in</label></div>
<input id="submit-btn" type="submit" value="Sign in" /> </form>
This is an example of what the code for the Phishing For Sensitive Information landing pages can look like. The URL entered in the form action tag, <form action="https://https.protected-forms.com/pages/XXXXXXXXXX" ...., represents the final landing page you've chosen, where XXXXXXXXXX is account-specific information. For EU customers, use the following URL instead: https://https.eu-secured.com/pages/XXXXXXXXXX.
- (Optional) Give your landing page a new title.
- Save your customized landing page by clicking the Save button at the bottom of the page.
- Before you can use the landing page in phishing campaigns, you will need to move it out of the Drafts category and into another category. To move it into another category, follow the steps below:
a. In the My Landing Pages section, select Drafts.
b. Select the check box next to the landing page's name.
c. From the Move to Category drop-down menu at the top of the page, select the category where you would like to move the landing page.
d. Click Move.