Attack Settings
Last updated
Last updated
Next, define the Campaign and Attack settings, then link the relevant Awareness Training. 3.1 Campaign settings: Specify the campaign name, associated client, and additional options in this section.
3.2 Attack Settings:
Next, we will specify the parameters for the Attack. Domain -> Select the attack domain registered in of the Quick Guides. This will be the primary domain for the email address and the associated landing page.
SSL -> Lucy seamlessly integrates with Let's Encrypt to automatically create, validate, and bind SSL certificates to your domain.
Sender Name, Email, and Subject -> Define the sender of the attack, their email address, and the subject.
Using a sender email that matches your registered domain is recommended. This improves email deliverability by leveraging existing DNS records and reduces the risk of emails being flagged as spam.
3.3 Editing the Email Content: The Lucy email editor is a versatile tool that lets you tailor email content to your preferred language and structure. Most templates include variable placeholders like %name%, which auto-insert each recipient's name for a personalized touch, making spear-phishing attacks more effective.
The objective of simulated attacks is to persuade users to click on an email link, enabling the collection of click-through statistics.
To add a new link in your email, highlight the desired word or phrase, click the link icon, and enter %link% in the URL field.
The %link% placeholder automatically generates a URL combining your registered attack domain with a unique tracking hash for each recipient, allowing for detailed tracking.
For example, with "open-ai.net" as the domain, the recipient sees a link like "", enabling precise monitoring of individual interactions.
