In this artical, there are a few tips and tricks on navigating the Testing Center!
Welcome to Hook Security! Once you've received your Welcome Email, and successfully logged in to the testing center, you are ready to start adding targets, and sending your own phishing simulations!
From your Dashboard, click on the tab Resources, then in the drop down, click on User Guide.
Once you are in the User Guide, there are multiple Help Articles to assist you in getting started. Let's go over some of the most crucial articles to get you up in running in no time!
Before you start getting ready to send out phishing simulations, its crucial to whitelist our IP addresses to ensure deliverability of each simulation. We recommend reviewing the Whitelisting Basics instructions before sending out your first simulation.
Verify Your Domain
The Manage Target Domains page provides a list of all domains that you have either authorized to send simulated phishing emails to or have previously tested targets belonging to that domain.
To get to the Manage Target Domains page, go to Tests / Campaigns > Manage Target Domains.
This will open the Manage Target Domains page. If a domain has been authorized (i.e. you don't need to send a Campaign Authorization email to someone on that domain), then it will say "Authorized" under the status column.
Once whitelisting is completed, you are ready to add a group you would like to start testing. Scroll down to the Targets/Groups tab and click on Add/ Edit Group.
When following the instructions on how to Add/Edit a group, under Group Settings you will have the options to pick a Group Name (company that is getting tested), Language, and Timezone.
Under Third Party Sync Setup, you can add Targets or emails via CSV file upload, LDAP, or Microsoft Graph (Office 365/Azure AD)
When you are done configuring the Group, click the "Create Group" button to save your group in the system. If you have chosen a third-party integration, you will be redirected to the appropriate interface to configure your integration settings.
Now that you've successfully added your targets, let's get your first phishing simulation set up! In the User Guide, go over to Templates and click on Template Library.
The Template Library is where all the phishing simulations are housed for your use. You can browse the templates by Phishing Emails, Landing Pages, and Training pages. Once you find the templates you want to use, simply click on the "Get" button under each template.
- Utilizing the dropdown will allow you to Preview the Phishing Email, Preview the Landing Page, and Preview the Training Page for this template. This works the same as clicking the Email or Landing Page icons. Selecting ‘Get’ will allow you to fully customize the email and landing page.
If you are interested in customizing the templates you have chosen, under Templates you can view Customizing Templates- Email Tab, Customizing Templates- Landing Page Tab, or Customizing Templates- Training Page Tab for step by step instructions.
Tests / Campaigns
Now that you have selected the template(s) you would like to use for your phishing campaign, let's walk through how to set up a campaign for your group!
Under the Tests / Campaigns tab, Select Creating a Campaign.
The first step in configuring a campaign is the Campaign Setup stage. Here you will give your campaign a name, choose a group(s) for testing, and schedule simulated phishing emails for sending.
1.Campaign Name: Choose a name for the campaign. We recommend naming your campaigns descriptively, e.g., "All employees Q4 2019".
2. Group(s): Select the group(s) that you wish to test. If you select multiple groups for testing, you will not be able to omit individual targets in the groups being tested.
3. Start Date, Time, & Timezone: Specify a starting date, time, and timezone for the test to begin. Click the calendar or clock icons for an interactive graphical date/time picker widget.
4. Track Activity: Specify how long you would like to track activity after all of the emails have been sent. The default, and recommended minimum, is one week. After the period specified here ends, the test will no longer track actions on phishing emails.
5. Sending: This section contains options related to how you would like the simulated phishing emails to be sent.
- If the "Send all emails when the test campaign starts at 'x' per hour" option is checked, then emails will be scheduled to send at the rate specified in the "per hour" field. The emails will be scheduled to send evenly distributed over the hour, per hour, until all the emails in the test have been sent. The default is for 1000 emails to be sent per hour, and the minimum is 25 emails per hour.
- If the "Send 'x' emails per target over 'y' Business days/weeks/months" option is checked, then the emails will be scheduled to send randomly on the days and hours that you specify. Click the clock icons to view an interactive time picker widget and set the business hours, and check or uncheck the boxes associated with the days of the week that you would like emails to send. The "'x' emails per target" number represents the number of templates you want to send to a target per test; you will need to select the same amount of email templates that you specify in this field for each repeated test.
- Note: If the test is scheduled to begin on a day of the week that you do not wish to send emails, emails will not start sending until a day that you have specified for sending. This is also true for repeated tests. If a start date occurs on an off day, the emails will not send until a selected day of the week has been reached.
Once you have finished the Campaign Setup stage, be sure to click "Save & Next" to move to the next step of campaign configuration.
1. My Phishing Templates: This tab contains all the email templates that are owned by your account, e.g. any templates that appear on the Manage Templates page.
2. Template Library: From this tab, you can select pre-made templates from the Portal Template Library.
3. Filter Templates: Type in this field to filter the templates by the criteria that you type. This filter can filter by any criteria, including template categories and brand names.
4. Sort Select: Use this select menu to choose how templates in the template window are sorted. Choose to sort by name, category, or date edited.
5. Template Window: This window contains all the templates relevant to the tab you are viewing, be it My Phishing Templates or Template Library.
6. Action Buttons: Click "Add" to add the respective email template to the test. The downward arrow contains more options;
- Preview Template Email allows you to preview the email template.
- Preview Template Landing Page allows you to preview the email template's landing page. If the email template does not have a landing page, then this option will be disabled.
- Edit Template will open the template editor and allow you to make changes before deploying the template.
7. Selected Templates: This section lists all of the templates you have added to the test. Depending on the settings you configured in the Campaign Setup stage, you may have to select multiple templates for testing. This is indicated by the ratio displayed in the header text. The test will not begin until you have added the correct number of templates.
After configuring the email templates you wish to use for the Campaign, click "Save & Next" to move to the next stage of the campaign wizard.
Verify & Run Test
This is the final stage of campaign creation. In this step, you are prompted to authorize any domains that have not been authorized for testing, and you are given the option of reviewing the test configurations.
1. Domain Info: This section contains information about the domains being tested, accounts, and groups that the domains are associated with their respective columns.
2. Domain Authorization Emails: Enter the name and email address of the person(s) who will be authorizing the tests in their respective fields. Once domains have been authorized for testing, tests will begin as scheduled.
3. Group Targets: Click the to expand the Group Targets information section. This section displays the group(s) being tested and the number of targets in each group, respectively.
4. Campaign Tests: Click the to expand the Campaign Tests information section. The "Tests with insufficient target counts" section will display any tests that do not have sufficient target emails to run. In order for any tests listed here to run, you will have to purchase more target emails.
The Campaign Tests section will display every test in the campaign, the sending method, start date, end date for email send, end date for data collection, and total test length.
5. Templates Used: Click the to expand the Templates Used section. This will display all the phishing email templates being used in the tests and the from email address of the template.
After you have reviewed your tests and templates and submitted the authorization emails for the domains you are testing click the "Finish!" button to schedule the tests. The test(s) will begin on the dates scheduled when all domains have been authorized for testing.
If you have any questions while navigating the testing center, you can email email@example.com or schedule a one on one walkthrough here!