Skip to main content

Add Credential Capture in an Email Template

Seth Saunders
Updated

Credential phishing attacks are commonly used to impersonate a brand. Typically, the phishing email will include a link to a website that will attempt to capture the victim's credentials. This method of phishing practices stealing a person's identity through their email address and password by masquerading as a known brand, entity, or person. 

Note: When setting up a credential capture page using the Phriendly Phishing portal, users are sent to a secure domain owned by Phriendly Phishing where no credential information is saved. 

 

How to Include Credential Capture in an Email Template:

1. Go to the Email template tab and select an email template. Open the email template creation page select Credential Capture > Set up credential capture.

Note: Instructions on creating a new email template can be found here

 

mceclip3.png

 

2. Complete the information below required to setup credential capture. 

Target URL - The login page you would like the credential capture to mimic (make sure this has https://www. at the beginning)

Sub Domain - To make the URL look more legitimate 

Base Domain - Select from 15 different domains owned by Phriendly Phishing

Path - To make the URL look more legitimate 

 

mceclip11.png

3. You can preview the link by selecting View page.

Note: All required fields must be filled (marked by a red *) and you must save the draft in order to activate the preview link, otherwise you will receive a 404 error. 

 

mceclip7.png

 

4. Insert the credential capture token into the email body.

 

mceclip8.png

 

5. Share the template with your zone.

 

mceclip0.png

 

6. Once completed, you have the option to Preview and Test, Save, and Publish the template. 

 

mceclip22.png

 

Note: When testing this template using the Preview and Test feature, the credential capture link will redirect you to our Phriendly Phishing simulated link landing page. This is because the template needs to be populated with an active user token in order to redirect a user to the credential capture page. When sending this template using the learning paths, users will first be directed to the credential capture page before being sent to the micro lesson.

 

 

Explore Phriendly Phishing's award-winning course catalogue here!

 

 

Related articles

Comments

0 comments

Please sign in to leave a comment.