The message template is a mandatory configuration element in all campaigns. In case you run a phishing campaign together with an awareness module you will need to define the message template in both modules (phishing & awareness).
A campaign can have multiple scenario's. Each scenario has its own message template. To configure the message template please click on your campaign name–> on “BASE SETTINGS” (1) –> select the scenario template which you want to configure (2) –> click on “message template”:
The message template is split into different configuration sections:
Q: Can I use any sender name? Yes - the sender name equals the “from” line in the SMTP message header and it is only used for display purposes. You can just write a name in there (like “Jon Smith”). If you just want to display a different name together with an e-mail address, write the e-mail address with the display name in brackets as such: <Joe Example> email@example.com. Depending on your mail client the recipient might only see the name field in the mail preview. But in most cases he will see the real “MAIL FROM” address when he opens the mail:
Q: Can I use any sender mail address? Technically you can spoof any mail address you want and LUCY will send the mail as you defined it in the sender field. But if you spoof a known email domain (e.g. firstname.lastname@example.org) or a non-existing email domain (e.g. email@example.com) your email might get deleted or bounced by SPAM filters on the receiving mail server. In such a case you would see the error in your error log:
Solution: You can either
Please also take a look at the legal aspect here: https://www.lucysecurity.com/PS/doc/dokuwiki/doku.php?id=legal_aspects_of_phishing_spoofing_etc
Within the email, you will be able to place the link to the Landing Page (or awareness elearning site). Each user will get a unique link (it might look like http://www.example-phishing.com/aea43bc8fa2a3dc78f987ed5db94ba1a1ff39ba13e9ed228f2c6eff73d787040) in their e-mail so LUCY will be able to analyze a recipient's clicking behavior.
Alternative 1: Use the %link% variable in the text: To insert that link, you can simply type %link% at the place where it should appear.
As a result user will get a mail containing the link that points to your Landing- or Awareness page:
The link is dynamically generated:
Alternative 2: Hide the %link% variable behind a word As a second alternative you could also hide the randomized link and place the hyperlink behind a text, button, image etc.
Example “hiding behind text”:
This opens a pop-up where you need to define (3):
Alternative 3: Hide the %link% variable behind another link
Please make sure the link variable is set in the HTML code, if you hide it behind another Link. If you type a hyperlink instead a word, the editor will automatically detect that, and create the link in the code. But this link will be wrong: If you type http://www.example.com in the editor, LUCY will automatically create a hyperlink to http://www.example.com in the HTML code (1) and underline the URL. But if you want http://www.example.com pointing to your LUCY URL, please remove the link pointing to http://www.example.com in the source code directly, or remove it by clicking on the “unlink” symbol (2), and then select the text “http://www.example.com” and click on the link symbol again and insert %link% in the HTML code (3).
Alternative 4: Hide the LUCY link behind an image
If you don't want to use LUCY's randomized URLs, you can also create your own customized links. You will still need to use the %link% variable in the email template. Regarding the recipients, you can define your own links that LUCY will use for the campaign. More info can be found:here.
As mentioned before LUCY will create a randomized URL with a string to identify the user (e.g. http://www.example-phishing.com/aea43bc8fa2a3dc78f987ed5). If you want a shortened randomized string because you feel that the long string might look suspicious to a user you can tell LUCY to use a short version within the advanced settings:
Lucy allows you to use multiple variables within the message template. The variables pull the information from the recipient in the associated group. The message variables may be used in the mail body and also within the mail header elements:
You may use the following variables in the message template:
More info about the time variable
You can also use the dropdown in the message template to insert the variables at the right place:
Within the message template you can embed images. Please visit this chapter for your options.
The email configuration page has some other Optional Elements:
SMTP Fields: Enables you to set a custom SMTP header. This can be useful in certain environments (e.g. to flag the phishing mail with a custom email header so the SPAM gateway can differentiate between real SPAM and LUCY emails).
If you want to catch email replies you have three options:
By default LUCY will use a HTTP connection to your landing page. If you want the phishing or awareness website to be accessed via SSL, you first need to create the link in your message template (1) using the default LUCY variable (%link%). Next you need to click on the scenario settings. A submenu called SSL settings (2) will open. Please enable the checkbox and create the certificate. LUCY will then automatically create a https link to your landing page:
Lucy uses the file under /etc/postfix/virtual.db for email forwarding, when you check “Forward emails to” checkbox in scenario's message settings. When you enable email handing feature in incident settings, Lucy adds email domain to /etc/postfix/main.cf, to the line with “mydestination” option, and that makes Lucy to intercept all emails that arrive to emails on that domain.