Attack Templates

This simulation exposes users to scenarios where attackers use compromised or malicious websites to gain access to sensitive information or to infect users' systems with malware. It teaches users to navigate the web more securely, emphasizing the importance of verifying the legitimacy of websites and the risks of entering personal information into untrusted web pages. The attack is deemed successful the moment a user enters data on a simulated website landing page.

In this attack type, users are presented with files that appear benign but contain malicious payloads. These files come in various formats, such as Excel/Word Macros, PDFs, SVG or executables, and are typically distributed via email attachments or landing page downloads. The objective is to train users to be wary of opening or downloading files from unverified sources and to recognize signs of potentially malicious files. The attack is deemed successful the moment a user either downloads the file or executes the payload.

Mixed attacks involve a sequence where an email prompts a user to log into a fake portal for credential harvesting.

The user then downloads and executes a file, often containing ransomware, as the final success phase of the attack. This simulation trains users to recognize and mitigate multi-step cyber threats, emphasizing the critical need for cautious interaction with emails and websites, and the importance of verifying sources before downloading and executing files.

The attack is considered successful when the user executes the ransomware payload.

This attack type involves the use of physical media devices, such as USB drives or Rubber Ducky's, that are infected with malware. It aims to educate users about the risks associated with connecting unknown or unsolicited portable media to their devices.

The focus is on raising awareness of the potential for these devices to bypass network security measures and directly introduce malware into systems. The attack is deemed successful the moment a user either runs an executable from a USB or inserts a Rubber Ducky with the potential to act as a keylogger.

The type filter enables you to categorize and view all attacks by their predefined attack type. For instance, selecting the filter for Hyperlink attacks will display all the templates associated with this specific type of attack.

The target audience filter helps you find all attack templates relevant to the specific group within your organization you are aiming to train or evaluate. Some attacks are tailor-made for technical staff like developers or system administrators, while others are suited for corporate users, including C-level executives.

The category filter helps you refine your search to attack templates based on their fundamental attack objective. For instance, choosing Social Media as a category will show all templates related to platforms such as Facebook, Twitter, WhatsApp, and others.

The difficulty filter organizes attack templates by their perceived complexity. For instance, templates featuring intentional spelling mistakes and minor branding alterations might be classified as "Low Level," indicating they are easier to identify by the end user. Conversely, templates that include nearly identical landing pages designed to mimic legitimate entities, such as Microsoft, are categorized as "High Level," reflecting their greater challenge in detection.

The "Applying" filter is utilized to identify which attack templates have previously been applied to campaigns, essentially highlighting the templates that are currently in use.

• Copy: Duplicate the selected template within the directory.

• Restore: Import a previous Backup template.

• Backup: Create a save point for the selected template to preserve its current state as a downloadable backup.

• Download: Redirection to the Download Template repository.

• Delete Duplicates: Remove any identical copies of the selected template within the directory.

• Delete: Permanently remove the selected template from the directory.

By default, templates are sorted from newest to oldest. However, you can choose to sort them alphabetically, by the date they were added, or by the date they were last customized.

This display toggle allows you to switch between viewing the template results as tiles or in a list format.

Tiles:

List:

Starting in Lucy version 5.1 you may select your favorite templates and use the "Starred" filter option to view them: