Skip to main content

Setting up a phishing campaign

Updated

Setting up a phishing campaign in Guardey

Guardey’s phishing campaigns let you simulate real-life phishing attacks to test how users respond and raise awareness in a safe environment.

Access the phishing module

Step 1: Log in to the Guardey admin portal.

Step 2: In the dashboard menu, go to the phishing section.

Create a new campaign

Step 1: In the phishing section, click create new campaign.

Step 2: Follow the on-screen steps to set up your campaign and select your target group.

FAQ - Phishing create new.png

Step 3: Whitelist the campaign

Before continuing, make sure your email system is ready to receive the phishing simulation emails.

  • Whitelist Guardey’s phishing domains in your email provider.
  • If you use additional email filters (e.g., spam or security tools), make sure to whitelist the same domains and IPs there as well.

This ensures that phishing simulation emails are not blocked or marked as spam, so your campaign runs smoothly.

FAQ - Phishing create new step 1.png

Step 4: Choose a phishing template

  • Browse the list of available phishing templates.
  • Select a template that matches your objective, for example, simulating a fake login request or suspicious invoice notification.

FAQ - Phishing create new step 2.png

 

Step 5: Name your campaign

After selecting your template, give your campaign a clear name and add a short description. This helps you easily recognize and manage your campaign later on.

FAQ - Phishing create new step 3.png

 

Extra steps for a realistic phishing simulation

To make your phishing campaign as effective and realistic as possible, follow these final setup steps:

Step 1: choose the sending domain

Select the domain you want to use to send your phishing emails.

  • You can only send to one domain per campaign.
  • Make sure that whitelisting is correctly set up for the chosen domain to avoid delivery issues.

FAQ - Phishing create new step 4.png

Step 2: schedule the campaign

Define the start and end date for your phishing campaign. This allows you to control exactly when emails are sent and when the campaign should end.

FAQ - Phishing create new step 5.png

Step 3: assign target users

Select who should receive the phishing emails.

  • You can assign the campaign to individual users, groups, or your entire organization.
  • Make sure your selection matches the learning goals of your campaign.

FAQ - Phishing create new step 6.png

Step 4: review and launch

Carefully review all your settings:

  • Selected template
  • Sending domain
  • Schedule
  • Target users

If everything looks correct, click launch campaign to begin.

FAQ - Phishing create new step 7.png

Monitor campaign progress

Once your phishing campaign is live, you can track its progress in real-time from the campaign overview.

  • View key metrics such as the number of emails sent, opened, clicked, and whether users submitted any data.

These insights help you evaluate how users respond to phishing attempts and identify potential vulnerabilities within your organization.

FAQ - Phishing create new reporting.png

 

Related to

Related articles

Comments

0 comments

Please sign in to leave a comment.