Phishing Templates

Share

Is this article helpful?

Last updated:

Data Breach Topic Guide

Note:We’ve added advanced features to phishing templates! All accounts will be opted in to phishing template advanced features in 2025. For more information, see our Phishing Templates Advanced Features Guide.

In your KSAT console, you can use data breach phishing templates to spear-phish users who have been part of specific data breaches. These phishing templates are intended to be used along with the results of KnowBe4's Email Exposure Check Pro (EEC Pro) tool, but they can be used in any type of phishing campaign.

We offer more than 10 data breach phishing templates, and each template spoofs a specific organization that has had a large-scale data breach incident. The templates prompt the user to click a link and also include a corresponding data entry landing page. Data entry landing pages allow you to test your users’ likeliness to click a link and enter sensitive information.

Note:Our landing pages will never save any of the entered data. We only track whether the user entered data, not the data itself.

How to Preview Data Breach Templates and Landing Pages

To preview our data breach phishing templates, follow the steps below:

  1. After signing in to your KSAT account, navigate to Phishing > Phishing Templates > System Templates.
  2. Locate the System Topics menu on the left side of the screen.
  3. Then, locate and click the Data Breach topic.
  4. Click the eyeball icon under the Actions column to preview the template.

To preview our data breach landing pages, follow the steps below:

  1. After signing in to your KSAT account, navigate to Phishing > Landing Pages > System Landing Pages. 
  2. Locate the System Topics menu on the left side of the screen.
  3. Then, locate and click the Data Breach Phishing topic.
  4. Click the eyeball icon under the Actions column to preview the landing page.

How to Create a Data Breach Phishing Campaign

Follow the steps below to create a data breach phishing campaign:

  1. Run the EEC Pro tool if you've never run it before. Existing customers with Gold or higher subscription levels will get this report automatically on a regular basis and can start with step two. For more information, see the Email Exposure Check Pro (EEC Pro) Product Manual.
  2. Review your EEC Pro results and determine which of your users have been part of data breaches.
    Note: The High and Very High risk categories indicate that the user's information was part of a data breach incident.
  3. Group your users based on the results. For example, you may create a group called "Kickstarter Data Breach" and place users who were part of the Kickstarter data breach within that group.
  4. Set up a phishing campaign with the following settings:
    1. Send to: Select the group(s) you created in step three.te
    2. Frequency: Select One-time.
    3. Sending Period: Select Send all emails when the campaign starts.
    4. Track Activity: We recommend setting this to 3 days.
    5. Template Topics: Select the Data Breach topic. Then, you can select a template that spoofs the organization that had a data breach that impacted your users.
  5. Leave the remaining options on their default setting.
  6. Click Create Campaign.

Once the test is complete, you can review the results. You can optionally share the results with the individual users who failed your phishing test and use this opportunity to discuss the impact of data breaches. You can also choose to enroll users who failed in a remedial training campaign using content about goes over data breaches.

Was this article helpful?

4 out of 6 found this helpful

Can't find what you're looking for?

Contact Support