Service Description

www.phish5.com Page 1

Introduction Phish5 provides a set of tools and reports to create and manage safe phishing campaigns

for your users as the best means of educating and reminding them of phishing scams

and the perils of opening “unexpected” emails, clicking on suspicious links and entering

password credentials just because they are requested.

The past few years have seen many high-profile, RSA, Microsoft and Google, companies

as well as thousands of other far lesser known organisations fall victim to targeted

phishing attacks. Because of its relative simplicity, spear phishing has become the

weapon of choice for cyber criminals. Now it is time to fight back and make your IT users

part of your security defence. Running irregular Phish5 Campaigns with your IT users will

attune them to this threat. Over time this will make them and your organisation far less

vulnerable to these attacks.

Phish5 – Phishing in 5 Steps There are essentially 5 steps involved in creating and launching a phishing campaign in

Phish5, all of which are completed in your browser. These are:

1. Create a new campaign giving it a name and description and any additional

details which are useful to you.

2. Add the email addresses of the victims. These can also be uploaded from a .csv

file.

3. Create the phishing email in our editor, from scratch or from one of our pre-

defined templates. You can also create and save your templates for future use

and editing.

4. Create the site(s) the phished users will see when they click on the phishing link

in the email you send them.

5. Confirm the data and launch the campaign

Step 1 - Setting up the Campaign

Service Description

www.phish5.com Page 2

Step 2 – Add the Email Addresses

The format for the email addresses is simple – John, Smith, john.smith@example.com

Step 3 – Create the Phishing Email

Choose your email template, edit and save it if you wish, and then preview your email.

The service automatically checks the “from” address to ensure the email can be sent.

Service Description

www.phish5.com Page 3

By proceeding to the next step you can edit what is shown in the URL link in the email to

make that link look more authentic

Service Description

www.phish5.com Page 4

Step 4 – Create the Websites for the Phished Users

These are websites which are shown when one of your victims clicks on the link in your

email.

This could be a single web page which gives the user a notification that he has carelessly

clicked on a suspicious link in dubious email and that he should pay attention to some

criteria and information which you provide on this web page. Alternatively, you could

create a landing page from this link, which might request the user to enter his network

or email user name and password to get some specific or personal information.

Once you have added a POST form, you can edit a “logged in” page to notify the user of

the error of simply entering login data when requested to do so.

Service Description

www.phish5.com Page 5

Step 5 – Launch Your Campaign Once this is ready, simply click on the Launch Campaign button to run the campaign.

You can watch the progress in the dashboard and generate a full report on the activity.

In addition the report also highlights those victims with vulnerable software running on

their endpoints.

Service Description

www.phish5.com Page 6

What does the Phished User See?

The email

And if he clicks on the link, the web page

Service Description

www.phish5.com Page 7

And finally, if he enters his user name and password and clicks on “submit”, the

notification page. Please note that data entered on these forms are NOT stored. In

addition to not saving users’ passwords, phishing pages are automatically altered to

prevent passwords from being transmitted by the victim’s browser.

Why not sign up for your free trial today www.phish5.com/signup