QR Code Phishing or Quishing is a phishing attack that uses QR Codes (Quick Response Codes) to SCAM recipients into scanning the code and steal sensitive data or personal information.
This article teaches a Phriendly Phishing Company Admin how to create a Quishing Email Template. This article also provides Admins a monitoring tool in terms of how their Learners or Organisation is interacting with the QR Codes, via the current Dashboard and Reports.
This article answers below questions:
- What are the steps to create a Quishing Email Template?
- Where can Phriendly Phishing Admins locate Quishing Email Templates available?
- How can Admins schedule a QR Code Phishing simulation?
- Where can Admins check Quishing data interaction from Learners?
- What is the user experience when a user scans a QR Code in an Email Template?
What are the steps to create a Quishing Email Template?
- Go to Dashboard > Email Templates > Templates
- Filter by No QR Code
- Choose desired Email Template and clone
- Menu on the right, Select QR Code, click on pencil icon, fill out Sub domain and Base domain and click Finish
- Fill out the rest of the details as required and / or preferred
-
-
- Type (Baseline, Campaign, Phishing)
- Redirect URL
- Add Credential Capture in an Email Template
- Microlesson (note this is mandatory)
- Personalise
- Share Template (this is important to ensure template visibility in your zone)
-
-
-
Once done, select from the following menu on the upper right side of the screen:
-
-
- Publish: to immediately publish the changes you’ve made to the template
- Preview and test: to preview the changes and simulate a learner’s experience with the new template.
- Update: to save the changes
-
-
- Menu on the right, Click QR Code > Copy token and insert into the email content
- Click Update + Preview and Test (if preferred)
Where can Phriendly Phishing Admins locate Quishing Email Templates available?
- Go to Dashboard > Email Templates > Template
- Filter by QR Code > Has QR Code
- Email Templates with QR Codes contains this icon
How can Admins schedule a QR Code Phishing simulation?
Admins can schedule a QR Code Phishing simulation in 2 ways:
- Schedule a Spear Phishing simulation via Learning Path (filter by QR Code)
- Complete the creation of Quishing Template as above section and schedule a Spear Phishing block by clicking +Add More Spear Phishing button
Where can Admins visibly check Quishing engagement from Learners?
Note: Data from scanned QR codes are updated and reflected in all relevant Dashboard and Reports.
- Click Report: Admins can check the Learners who scanned the QR Code in an email in Click Report and filtered by Action = Clicked link QR Code
- Phishing Dashboard: Admins can monitor or view the number of QR Code scanned compared to other action in Phishing Dashboard > Simulated Phishing Click Behaviour and Phishing Action Behaviour Trend widgets
- Learning Path > Timeline: Admins can view which Learners has engaged on QR Codes on a Campaign or Phishing simulation.
What is the user experience when a user scans a QR Code in an Email Template?
Learners can scan the QR code in the Email Template via
-
-
Mobile device camera
-
- Open your Camera app and point it at the QR Code
- Click on the QR Code icon or the link below the code
- After clicking, it will then take the user to the microlesson or landing page of the Email Template
-
-
QR Code Reader extension
-
- Download a QR Code Reader extension if you do not have one already
- Dependent on the extension, you can either right click on the QR Code in the email and scan OR click extensions and open the link (note: image below depends on the extension available)
- After clicking, it will then take the user to the microlesson or landing page of the Email Template
-
-
Mobile device camera
Any issues or further questions, reach out to Support.
Comments
0 comments
Please sign in to leave a comment.