Using the scheduler in Lucy not only enables you to create sophisticated, time-sensitive phishing campaigns that simulate real-world scenarios, but it also helps manage the email sending rate. This adjustment is crucial for avoiding rejection by recipient mail servers, which may have strict mail policies or limitations on the number of emails received in a given timeframe.
The scheduler is a powerful tool that lets administrators define campaign behavior based on predetermined rules. It also allows for adding multiple rules targeting specific groups or awareness outcomes within tightly controlled timelines.
Add Rule
A rule is defined by its "Type." This article will address each rule type individually to provide a holistic overview of all available parameters for each type.
Configuration
The logic for the Scheduler is structured as follows:
The Scheduler is governed by its Rules, and these Rules are governed by the Rule Type.
The Rule Type dictates the parameters that can be configured, determining the conditions and actions that the Scheduler can execute.
Rule Type
The base parameter that will define the rule's core objectives.
The One-Shot Rule is ideal for scenarios where you need to send a single, well-timed batch of emails to a specified group of recipients. This type of rule is useful for targeted campaigns aimed at assessing the immediate security awareness of users, introducing a new policy, or responding to a recent security incident.
Repeating rules are set to operate on a defined interval, enhancing how emails are distributed within a campaign. When you set up a rule to repeat, you can choose either to distribute the sorting of the emails uniformly, where each recipient receives the same new email every time the rule is activated, or to randomize them, where each recipient gets a random email with each cycle.
Importantly, the term "repeating" does not mean that the same emails are sent repeatedly to the same recipients as duplicates. Instead, "repeating" refers to the "Repeat Interval"—this specifies that the rule will execute repeatedly over the set duration until each recipient has received one email from the selected scenarios.
Additional Parameters:
The Repeating Rule includes the following parameters to define the repeating schedule:
Repeat Interval -> The frequency at which the rule repeats (e.g., daily, weekly, monthly)
Repeats -> The frequency the rule needs to repeat based on the Repeat Interval.
Start Hour -> The starting time the Rule should execute on a daily basis.
Stop Hour -> The time the Rule will stop on a daily basis.
Run Days -> Specify the days on which the repeating rule should be triggered for Weekly and Monthly Repeat Intervals.
The repeating rule is particularly useful in campaigns with multiple attack scenarios, allowing administrators to randomize the attacks. This helps prevent recipients from warning each other about the ongoing simulation testing, thereby maintaining the integrity and effectiveness of the campaign.
The Yearly Campaign Rule Type allows the creation of an intelligent phishing/awareness campaign that tests user awareness across various scenarios over the course of a year. This type of campaign can be set up once and then run continuously, with new recipients automatically added to the plan starting the following month.
A prime example of the Yearly Rule is its suitability for onboarding new employees. Administrators can pre-define a baseline security awareness program to educate new hires on core business security policies. These training sessions are then systematically sent out in specified months, ensuring that all employees receive comprehensive and timely security education throughout the year.
Additional Parameters:
The Yearly Rule allows you to define the "Period" when emails should be sent within each month.
Send within each month-> Emails are scheduled randomly throughout the entire month.
Send at the beginning of each month -> Emails are scheduled randomly from the 1st to the 9th day of the month.
Send in the middle of each month -> Emails are scheduled randomly from the 10th to the 20th day of the month.
Send at the end of each month-> Emails are scheduled randomly from the 21st to the last day of the month.
Drag and Drop your Campaigns:
The list of available awareness and attack scenarios in the campaign is displayed on the right side. The scenarios available depend on the type of campaign:
Attack Campaign: Both awareness and attack scenarios are available.
Awareness-Only Campaign: Only awareness scenarios are displayed.
On the left side, there is a list of months from 1 to 12, each with an unfilled list of scenarios. The month number represents the number of months since a new recipient has been added to the existing recipient group. This allows administrators to assign specific scenarios to each month, ensuring a structured and continuous engagement throughout the year.
The first month will begin on the 1st day of the next month following the configuration of the rule. For example, if you are configuring a Yearly Rule in January, month 1 will start in February. This scheduling ensures that the campaign aligns with the beginning of a new month.
Emails Type
Applies to Rule Types = One-Shot; Repeating
Specifies the nature of the emails to be sent.
Options:
All: Includes all types of emails.
Lure: Emails designed to entice recipients into a phishing simulation.
Attack: Emails that simulate a cyber attack.
Awareness: Emails designed to educate recipients on security awareness.
Examples:
Define a rule to send all types of emails, including attack, lure, and awareness emails.
Example Usage:
To test the knowledge retention from a recent Awareness Campaign, use a phishing simulation. If a user is successfully phished, they should automatically receive an email containing a link to additional training on the subject matter. The Scheduler Rule can be applied to both the attack email initiating the simulation and the follow-up awareness email providing further education.
Define a rule to send emails only for phishing simulations that use a Lure as bait.
Example Usage:
Configure an advanced attack using a Lure that mimics a new HR portal. This Lure will impersonate the VP of People, introducing the new portal and indicating a follow-up email for account registration. The Email Type will solely send the Lure email of the attack, enabling administrators to distribute the Lure to all recipients. Subsequently, additional Scheduler rules can be created to initiate the actual attack email.
Define a rule to send emails only for phishing simulations emails, excluding any Lure emails.
Example Usage:
After successfully dispatching a Lure email impersonating the VP of People to introduce a new HR portal, you have informed recipients to anticipate a registration email as a follow-up. The "Attack" Email Type permits the definition of a Scheduler Rule for all intended recipient groups to receive the follow-up Attack email pre-empted by the Lure. This Rule will exclusively trigger the sending of the Attack email.
Define a rule to send emails only for awareness training, excluding any Lure or attack emails.
Example Usage:
Given the high rate of successful attacks in your current campaign, indicating potential shortcomings in the effectiveness of the existing training, you decide to incorporate an additional awareness training session. Using the "Awareness" Email Type, you can create a rule that sends this additional training to all recipients, regardless of whether they have been successfully phished previously.
This Email Type is configured to send the Awareness training to all recipients, regardless of whether they have been successfully attacked before.
Time Zone
Applies to Rule Types = One-Shot; Repeating; Yearly
Sets the time zone for the campaign schedule.
This option allows you to send relevant Lure, Attack, or Awareness emails according to the local timezone of each recipient group. This ensures that emails are received during appropriate hours, increasing the likelihood of engagement and the effectiveness of each phase of the campaign across various time zones.
Start Date
Applies to Rule Types = One-Shot; Repeating
The date and time when the email campaign will begin.
Example: Set to 19.05.2024 11:10 to coincide with the start of a workday, ensuring maximum visibility.
Stop Date
Applies to Rule Types = One-Shot
The date and time when the email campaign will end.
Example: Set to 19.05.2024 12:10 to create a one-hour window for the email delivery.
Alternatively, use the Schedule Calculator to set the Stop Date:
Schedule Calculator Explained
The "Schedule Calculator" is a valuable tool for Administrators to define the sending rate of emails in a campaign, particularly important when sending hundreds of simulated emails which can potentially overload receiving mail servers.
This feature allows for setting a delay in the sending rate to prevent overloading of servers and to ensure compliance with mail-sending rate policies. For instance, for O365-based (receiving) mail servers, a recommended sending rate from Lucy is no more than 30 emails per minute. This adjustment helps ensure that your emails sent from Lucy are delivered efficiently without triggering spam filters or blocking by receiving mail servers.
Update Schedule Plan for New Recipients
Applies to Rule Types = One-Shot; Repeating; Yearly
If checked, the schedule plan will be updated for any new recipients added to the recipient group after the initial campaign launch.
Example: Useful if new employees are added to the target group shortly before the campaign starts.
This option also supports the automatic import of recipients from LDAP or Entra ID.
Do Not Send Emails on Certain Days of the Week
Applies to Rule Types = One-Shot; Repeating; Yearly
Allows you to specify days on which emails should not be sent.
Example: To mimic typical company-wide email correspondence and avoid sending emails on weekends, select Saturday and Sunday in your campaign settings.
Sort Type
Applies to Rule Types = One-Shot; Repeating
Determines the order in which emails are sent.
Default:
Emails are grouped by scenario, with the goal of completing the sending of all emails for one scenario before moving on to the next scenario.
Full Random:
Emails are sent in a completely random order.
Scenarios:
Select the attack scenarios that apply to this Rule. This ensures that the specified scenarios are used for the targeted phishing/awareness campaign.
Recipient Groups:
Select the recipient groups to be included in this Rule. This allows you to target specific groups for your phishing/awareness campaign.
Once all configurations of the Rule were applied, click on "Save" to commit your Rule and build a "Schedule Plan".
