How to Copy an Email to a Custom Template
Real emails may have real malicious links in them, so it's important to be careful when handling and copying any email into your console.
To copy an existing email into your KnowBe4 console, follow the steps below:
- In your browser, open the email and use your cursor to highlight everything you want to copy.
- Right-click on the email and select Inspect. This will open the inspection window.
- By default, the inspection window will open on the Elements tab and highlight a row of code. Right-click on the highlighted row and select Edit as HTML.
- A window of HTML code will open. Copy all of the HTML in this window.
- In your KnowBe4 console, navigate to Phishing > Email Templates and click on the +New Phishing Email Template button.
- On the New Phishing Email Template screen, click on the Source button in the top-left of the WYSIWYG (What You See is What You Get) editor.
- Paste your HTML code from step 4 in the WYSIWYG editor.
- Review the HTML and remove any unwanted or unnecessary information. See our Cleaning an Email Template section for a list of items to search for when reviewing an email template.
- Click on the Source button again to view your template. Then, click on the Save button to save your email template to Drafts.
Cleaning an Email Template
An email template is considered to be clean once all malicious content is removed. Below is a brief description of common items to look for when cleaning an email template.
If you're copying a REAL phishing email, you need to be sure to remove all malicious links.
You can remove links in an email template by following the steps below:
- In the WYSIWYG source code, do a find (Cmd+F or Ctrl+F) for the href tag. This search will highlight all of the links in the email template.
- Replace the URL address of each link with the [[URL]] placeholder or a link that you know is safe.
Depending on the mail client that the email originated in or was copied from, there may be a secondary link in the href tag. These links typically start with “data-saferedirecturl…” and must be removed.
As a best practice, we recommend using only secure images in your email template. A secure image will have HTTPS in the URL instead of HTTP.
You can remove or replace images in an email template by following the steps below:
- In the WYSIWYG source code, do a find (Cmd+F or Ctrl+F) for the src tag. This search will highlight all of the images in the email template.
- Replace the image URL with a URL that you know is safe, or remove the image.
Visit our FAQ: Issues with Images in Phishing Templates article for more information about using images in your template.