Lucy Awareness
Visit our WebsiteContact Support
  • Wiki Overview
  • Guides
    • Quick Guides
      • Create Your First Campaign
        • Adding a New Client
        • Register an Attack Domain
        • Campaign Setup
          • Selecting an Attack
          • Attack Settings
          • Awareness Settings
          • Recipients
          • Review
        • Whitelisting
    • Installing Lucy
      • On-Premise vs Cloud Installation
      • Architecture
      • Hardware Requirements
      • Network Communication
      • Installing Lucy
      • Post Installation
    • Manage Blacklisted Domains
      • Managing Google SafeBrowsing Alerts
    • Whitelisting a Lucy Server
      • Google Workspace Whitelisting
      • Microsoft O365 Whitelisting
      • File Attack Whitelisting
    • Attack Simulations
      • Attack Types
        • Data Entry Attack
        • Hyperlink Attack
        • File Attack
        • Portable Media
        • Smishing
        • Lures
        • QR Codes
        • Ransomware Emulation
        • Technical Malware Test
          • Malware Toolkit Test Suite
        • Mail & Web Filter Test
        • Email Spoofing Test
      • Attack Template Customization
      • Firewall Protection Interval
      • Email Tracking Technologies
      • Advanced Information Gathering
      • Regular Expressions in Login Fields
      • Copy a Website
      • Redirecting Users
    • Awareness Training
      • Awareness Template Customization
      • Awareness Only Campaigns
        • Using Multiple Awareness Trainings
      • Use extended method of tracking the end of the quiz
    • Reporting Plugin
      • Deploying Office 365
      • Deploying Outlook Native
      • Deploying Gmail
  • Application Screens Reference
    • Statistics Dashboard
    • Campaigns Dashboards
    • Campaigns
      • New Campaign
        • Wizard Mode
          • Selecting an Attack
          • Attack Settings
          • Awareness Settings
          • Recipients
          • Review
        • Expert Mode
      • Campaign Settings
        • Configuration
          • Base Settings
          • Awareness Settings
          • Attack Settings
          • Schedule
            • Schedule Plan
          • Recipients
        • Advanced Settings
          • User Settings
          • Filters
          • Custom Fields
          • Reminders
        • Campaign Checks
        • Logs
        • Results
          • Summary
          • Statistics
          • Reports
          • Exports
    • Templates
      • Attack Templates
      • Awareness Templates
      • File Templates
      • Report Templates
      • Campaign Templates
      • Training Diploma
      • Download templates
      • Variables in Lucy
    • Users
      • Recipient Groups
      • End Users
      • End User Portal Settings
      • Administrative Users
      • Reputation Levels
    • Settings
      • Common System Settings
        • Domains
          • Supported TLDs
        • Firewall
        • Web Proxy
        • Mail Settings
        • SMTP Servers
        • SSL Settings
          • SSL for Campaigns
        • SMS Settings
        • Filter Settings
        • API Whitelist
          • API Routes
        • LDAP Servers
          • LDAP Sync Tool
        • LDAP Settings
        • Azure Applications
        • Azure AD Settings
        • SSO Configuration
      • Advanced System Settings
        • Advanced Settings
        • SSH Password
      • Submitted Email Settings
        • Custom Rules & Score Factors
        • Abuse Reports
        • Incident Autoresponder
        • Plugin Settings
      • Clients
        • Client Invoices
        • Client Invoice Settings
      • Backup and Restore
        • Backup Settings
      • Benchmark Sectors
      • Whitelabeling
      • File Browser
    • Incidents
    • Support
      • Status
        • Status
        • System Monitoring
        • System Health Check
        • Notifications
      • System Tests
        • Test Email
        • Performance Test
        • Spam Test
        • Mail Spoofing Test
        • Mail and Web Filter Test
      • System Logs
      • Manual
      • Update
      • Reboot
      • Mail Manager
      • Terms & Conditions
    • Account Settings
      • Two Factor Authentication
      • License
      • Invoices
    • Notifications
  • Release Notes
    • 5.4
    • 5.3.5
    • 5.3.4
    • 5.3.3
    • 5.3.2
    • 5.3.1
    • 5.3
    • 5.2.1
    • 5.2
    • 5.1
    • 5.0
    • Version 4
      • 4.14
      • 4.13
      • 4.12.1
      • 4.11
      • 4.10.1
      • 4.9.5
      • 4.9.2
      • 4.9.1
  • Legal
    • EULA
    • Privacy Policy
    • DPA, Customer and Partner Info
    • Service Level Agreement
    • Confidentiality of Campaign Data
  • When to Contact Us
    • Contact Technical Support
Powered by GitBook
On this page

Was this helpful?

  1. Application Screens Reference
  2. Campaigns
  3. New Campaign
  4. Wizard Mode

Attack Settings

PreviousSelecting an AttackNextAwareness Settings

Last updated 6 months ago

Was this helpful?

Next up is to define the Campaign settings, Attack settings, and associate the relevant Awareness training. 3.1 Campaign settings: In this section, you can specify the campaign name, associated client, and additional automation options. These options include setting an end date for the campaign and automatically generating a report template containing all campaign metrics. The report will be sent to the email address of the administrative creator upon completion of the campaign.

3.2 Attack Settings:

Next, we will define the Attack parameters. Domain -> Select the attack domain you have registered in of the Quick Guides. This will be the primary domain to use for both the email address and the associated landing page.

SSL -> Lucy is built with another efficient integration over API to the Let's Encrypt Certificate authority, which will automatically create, validate, and bind an SSL certificate to your attack domain.

What is SSL?

SSL (Secure Sockets Layer) is like a protective shield. It ensures that when your targets interact with the phishing page, their data remains secure and can't be intercepted by prying eyes. It's the trusty guard that makes sure your simulation stays safe and realistic. Without an SSL certificate, your recipients will encounter a big red warning page, signaling that the site they're trying to access isn't secure. This could seriously affect the authenticity of your simulation if it's not properly set up. So, think of SSL as your trusty sidekick, keeping things legitimate and secure.

Sender Name, Email, and Subject -> Here you will define from whom the Attack is being sent, their respective email address, and the subject.

It's recommended to use a sender email address that matches your registered attack domain. This practice enhances email deliverability by leveraging existing DNS records, reducing the risk of emails being caught by spam filters.

In simulated attacks, the goal is to encourage users to click a link in the email. This action allows for the collection of click success statistics.

If you intend to create a new link in your email body, simply highlight the word/phrase and select the link icon, then enter the placeholder %link% in the text box:

What is %link% ?

The %link% placeholder automatically generates a URL combining your registered attack domain with a unique tracking hash for each recipient, allowing for detailed tracking.

3.3 Editing the Email Content: The Lucy email editor is a dynamic tool that allows you to customize the email content according to your desired language and structural preferences. In most templates, you'll find variable placeholders like %name%, which automatically insert each recipient's name for personalization, enhancing the attack's relevance in a spear-phishing context. For a full list of placeholder variables, please see our dedicated section .

For example, with "open-ai.net" as the domain, the recipient sees a link like "", enabling precise monitoring of individual interactions.

here
https://open-ai.net/xvcskahjry
step 2