PhishDeck as a platform aims to provide the most valuable phishing simulation campaigns that it can with the least amount of configuration required by the user to achieve their goals. With that in mind, the following is a short Quickstart Guide that can help you get on your feet quickly.
1. Create a test Campaign – the fun part!
The email you signed up with has been automatically verified and you can immediately send phishing emails to this address — for testing purposes.
Navigate to the [Campaigns] menu and click [New]. Start by adding a Title and Description for your Campaign. Then click [Next] to proceed, here you’ll find the email address you signed up with.
Click [Next] to pick one or more Templates for this Campaign. All phishing templates are pre-configured for you and designed to mimic effective engaging phishing emails. Once ready click [Next].
Which brings us to the last step of setting up our first phishing Campaign, the campaign’s schedule. Given that this is a quickstart guide, we can simply set the Campaign to [One time] and click on [Submit].
2. Check your email
You should have received the phishing email you’ve just set up via the Campaign.
PhishDeck uses a realtime proxy to simulate realtime phishing attacks, which means that after clicking the link and entering credentials, you will essentially be logging in to the actual website.
3. Results and reporting
You can view your Campaign results with high-level trends, as well as granular per-Target event timelines. You can visit this screen by clicking on the Campaign name.
You can also export your results as a report, by clicking on the “Download Report” button and selecting the export format of choice (HTML or CSV).
4. What’s next?
- Allow PhishDeck to send emails to your organization
Naturally, IPs which only send phishing simulation emails are bound to be blocked, and to such an extent, we strongly suggest explicitly allowing PhishDeck’s IP addresses to avoid issues with your phishing simulation Campaigns. Instructions on how to do this can be found below.
- Allowing PhishDeck in Google Workspace (G Suite)
- Allowing PhishDeck in Office 365 / On-premise Exchange
- Allowing PhishDeck in Proofpoint
- Other (let us know)
- Verify your domain
To verify a Domain, navigate to your Account settings (A), then click on the “Add Domain” button (B).