To carry out successful and realistic phishing simulations, it is essential that you are able to send out a variety of simulated phishing emails fitting your specific requirements.
uPhish not only comes with a library of pre-built templates you can use in your simulated phishing campaigns, but also allows you to build your own custom email templates.
How to build custom simulated phishing email templates
Find the uPhish template builder in the top menu by clicking uPhish -> Custom Email Templates.
Step One - The Custom Email Templates page
This page will show you all of your previously created custom templates. To start creating your new custom email template, click the Create button on the top right.
Step Two - Fill in the details
In addition to giving your template a name, you can give it some default values such as the email subject and the sender's name and email address.
- Template Name - Name your template. A descriptive name will make it easier for you to find it later.
- Subject - Give the template a default email title. You can always change the title when using the template in a new simulated phishing campaign.
- Sender Name - Give a name for the person or organisation the email simulates
- Sender - Provide an email address for the simulation to be sent from. By default templates are set to use one of usecure's simulated phishing domains, but you can use the Use a customer sender email address switch underneath to set a custom domain for your simulation.
Step Three - Choose a layout
You can either start building your template from scratch, or use one of the pre-built layouts which you can then customise to your choosing. Alternatively, select the sixth option to create a plain text email template.
Step Four - Build your template
The custom template builder offers a powerful editor to allow you to build your template exactly as you wish. Use the tools on the right to drag in elements into your template: you can choose from a variety of column layouts, buttons, images, dividers and text boxes to customise your template to your liking.
Step Five - Add variables
Variables are what make email templates so powerful: they allow you to automatically add information such as your users' names into the emails that are sent out. In the template builder, variables are separated by dollar signs ($). When you start writing text, you can easily add variables from the formatting bar.
It's essential that you also add the link to the phishing landing page - this is required to track clicks and compromises. The variable for the phishing link is formatted like this: [[text here]] (replace the text by whatever text you would like users to see on the link - simply ensure that it is surrounded by two square brackets).
(Optional) Step Six - Use a button for your phishing link
You can easily add buttons to your email template, but if you want to use them as tracked phishing links you will need to direct them with a variable. When you add a button to your template, type in %phishing_url% as its link destination on the button settings to use the button as a phishing link.
Step Seven - Almost finished!
Once you are happy with your custom simulated phishing template, click Save at the bottom of the page. You will now see your new template on the custom email templates page, where you can edit it, test it or use it in a new simulated phishing campaign.