Phishing Templates and Landing Pages

Understand Tags on Templates and Landing Pages

Described below are the tags you’ll find next to the title of templates and landing pages within your console.

Phishing Templates

The tags within the title of a phishing template typically denote the type of attack vector(s) included within the template.

Note:If you don't want your users to be tested with our various attachment types or if you want to change the domain the [[domain]] placeholder uses to something other than your own domain, you can modify these settings from the Phishing section of the Account Settings page. See this article to learn more. 

These phishing template tags include:

  • Link - This means there is a link (a hyperlink) on this phishing template that if the user clicks on it, they fail the phishing test.
  • Spoofs Domain - This means this phishing template appears to come from the user’s domain. KnowBe4 is able to “spoof” a user’s domain by using a placeholder [[domain]]. If do not want the email to spoof your domain, you can use the Overwrite [[domain]] Placeholder option in your account settings to use a domain of your choice instead. For more information, see the Phishing section of our Account Settings article
  • Fake Attachment - This means the template uses an image that appears to be an attachment but is not. The fake attachment is also a link. If the user clicks on it, they fail the phishing test.
  • Excel Attachment - This means there is a Microsoft Excel attachment on the template.
  • PowerPoint Attachment - This means there is a Microsoft PowerPoint attachment on the template.
  • Word Attachment - This means there is a Microsoft Word attachment on the template, and if the user opens the attachment, they fail the phishing test.
  • Excel Attachment with Macro - This means there is a Microsoft Excel attachment with a macro on the template, and if the user opens the attachment and enables the macro on the file, they fail the phishing test. A Macro is a small piece of computer code that has the potential to be extremely dangerous to a user’s computer and the organization’s network.
  • PowerPoint Attachment with Macro - This means there is a Microsoft PowerPoint attachment with a macro on the template, and if the user opens the attachment and enables the macro on the file, they fail the phishing test. A Macro is a small piece of computer code that has the potential to be extremely dangerous to a user’s computer and the organization’s network.
  • Word Attachment with Macro - This means there is a Microsoft Word attachment with a macro on the template, and if the user opens the attachment and enables the macro on the file, they fail the phishing test. A Macro is a small piece of computer code that has the potential to be extremely dangerous to a user’s computer and the organization’s network.
  • PDF Attachment - This means there is an Adobe PDF attachment on the template.
  • Zipped Excel Attachment - This means there is a zipped Microsoft Word attachment on the template.
  • Zipped PowerPoint Attachment - This means there is a zipped Microsoft PowerPoint attachment on the template.
  • Zipped Word Attachment - This means there is a zipped Microsoft Excel attachment on the template.
  • Zipped Excel Attachment with Macro - This means there is a zipped Microsoft Excel attachment with a macro on the template, and if the user opens the attachment and enables the macro on the file, they fail the phishing test. A Macro is a small piece of computer code that has the potential to be extremely dangerous to a user’s computer and the organization’s network.
  • Zipped PowerPoint Attachment with Macro - This means there is a zipped PowerPoint attachment with a macro on the template, and if the user opens the attachment and enables the macro on the file, they fail the phishing test. A Macro is a small piece of computer code that has the potential to be extremely dangerous to a user’s computer and the organization’s network.
  • Zipped Word Attachment with Macro - This means there is a zipped Word attachment with a macro on the template, and if the user opens the attachment and enables the macro on the file, they fail the phishing test. A Macro is a small piece of computer code that has the potential to be extremely dangerous to a user’s computer and the organization’s network.
  • Zipped PDF Attachment - This means there is a zipped Adobe PDF attachment on the template.
  • HTML Attachment - This means there is an HTML attachment on the template. The user clicks to open the attachment, and it will open up in their default browser. Once opened, the user fails the test.
  • HTML Attachment with Link - This means there is an HTML attachment with a link on the template. The user clicks to open the attachment, and it will open up in their default browser. Once opened, the user fails the test. The user can fail a second time by following the link that is on the opened HTML file.
  • SPF - This means the template is using a KnowBe4 domain in the Sender's Email Address field. The purpose of this domain is to accommodate mail servers and spam filters that enforce SPF checks. By using a KnowBe4 domain, the phishing template will pass the SPF check and ensure consistent deliverability to your users.
  • Credentials Landing Page - This means that the link in this template will direct the user to a data entry or login landing page that prompts the user for their credentials or other data. You can change this by selecting a new landing page at the time of the campaign's creation.
  • Spoofed URL - This means this template simulates an attack method where the attacker hides the real link destination using HTML code. This simulation only works on webmail, such as Google Workspace (formerly G Suite) or Microsoft 365. Outlook client users will not see the spoofed URL. More details on this attack type can be found here.

Notification Templates

The tags within the title of the notification templates denote what type of content to expect within the body of the notification template or the intended audience. These tags include:

  • From KnowBe4 - These templates use the KnowBe4 logo and name and are sent from a KnowBe4 email address.
  • Logo - These templates use your organization's logo instead of the KnowBe4 logo. For information on adding your organization's logo, here is our article on how to add your logo.
  • From Company Domain - These templates use the placeholder [[domain]] so the email will appear to be coming from your organization's domain.
  • Manager - These templates are intended for managers.
  • Admin - These templates are intended for a KnowBe4 admin.
  • Remedial Training - These templates are for a user who requires remedial training.
  • Password-less -These templates are for accounts that are using password-less logins. For more information on password-less logins, check out our How to Enable and Use Password-Less Logins article.
  • Policy - These templates are specific to policy training.
  • With Instructional Video Link - These templates include a link to a video from our Knowledge Base.
  • Cyber Hero - These emails are specific for training if you've enabled gamification for your Learner Experience (LX). For more information on gamification, check out the Gamification section of our Learner Experience Guide.
  • Banner - These templates include the KnowBe4 logo and a customizable banner of text across the top of the template.
  • Border - These templates include the KnowBe4 logo and a customizable, colored border.

Notification Template Categories Tags

  • User - This category includes notifications intended for users.
  • Manager/Admins - This category includes notifications intended for managers and admins.

Landing Pages

The tags within the title of a landing page provide information about the landing page. These tags include:

  • Translatable - This means that the landing page is localized and can be displayed in multiple languages. See this article for more information on localized landing pages. 
  • Do Not Edit - This means this template might not work as intended if the code is edited.
  • Use With Caution - This means that the landing page may cause a user to panic and react before thinking. If you decide to use a landing page with this tag, we recommend informing your stakeholders and IT team first. This way, they can take any necessary precautions and prepare for user questions.
  • English - This means this landing page is in English.
  • Spanish - This means this landing page is in Spanish.
  • Platinum/Diamond Only - This means the landing page is for Platinum and Diamond subscription levels only.
  • Branded - This means that these landing pages use your organization's logo and name. For information on adding your organization's logo, here is our article on how to add your logo.

Security Hints and Tips and Scam of the Week

The tags within the title of these categories indicate that the Security Hints and Tips and Scam of the Week are "Not PST" and whether or not the templates within it are "Branded". Below are the definitions of what these tags mean:

  • Not PST -  This means that this category is not meant to measure your users' phish-prone percentages and instead should be used for informational or educational purposes only. Categories with this tag do not contain templates with phishing links or any other attack methods on them.
  • Branded - This means that the template is using your organization's logo and name. For information on adding your organization's logo, here is our article on how to add your logo.

For information on setting up Security Hints and Tips or Scam of the Week campaigns, check out these articles:

Can't find what you're looking for?

Contact Support
circle-arrow-up