Skip to main content
All CollectionsuPhishPhishing Attachments
Introducing Phishing Attachments
Introducing Phishing Attachments

Test user response to phishing attachments with uPhish email attachments.

Anna Cunningham avatar
Written by Anna Cunningham
Updated over 7 months ago

Cyber criminals can use phishing emails containing attachments to target users.

The files attached to phishing emails are often disguised as business documents and install malware on users' devices once opened.

Some phishing attacks might combine attachments containing links that take users to landing pages where their sensitive information can be harvested.


What is the Phishing Attachments feature?

The Phishing Attachments feature enables you to create simulated phishing emails that contain attachments.

You can select an email template with pre-built attachments to send to your end users for your phishing campaigns.

How do I create a phishing email with an attachment?

To create a simulated phishing email with an attachment go to uPhish > Create Simulation and select one of the two phishing attachment attack types:

1. Attachment Open

The Attachment Open attack type allows you to create a phishing email with an attachment.

With the Attachment Open attack type, users become compromised when opening the attachment in the email.

2. Attachment Open + Landing Page

Attachment Open + Landing Page attack type allows you to create a phishing email with an attachment containing a link to a landing page.

With the Attachment Open + Landing Page attack type users will be compromised when inserting their credentials after following a URL found in the attachment.

Click here for a step by step guide on how to create a phishing attachment simulation.

What attachments are available?

Phishing email templates that are available for attack types Attachment Open and Attachment Open + Landing Page have a pre-built attachment already included and are available in the Template Library.

Currently the attachments for the phishing email simulations are Microsoft Word Documents saved in a .docx format.

You also have the option to create your own attachment should you wish to customise the phishing simulation.

Note: Any custom attachments you create for a phishing email would need to be in Microsoft Word .docx format.

How to train users on phishing attachments

Our uLearn training module 'Attachment Phishing' is perfect for building awareness of the risks and signs of phishing email attachment attacks amongst your end users.

You can also use the 'Attachment Phishing Micro Training' course as inline training for your simulation to double-up training for compromised users.

Phishing attachment simulations are not supported by Auto Phish.


Next steps

Did this answer your question?