Further along, you'll discover all the essential options for running a successful simulation conveniently located on the left side of the page in the sidebar menu.

• Verifying Domain:
  
  Domain verification is required to ensure that phishing emails sent through our tool can only be sent to employees within your organization. This prevents misuse by sending emails to unrelated domains outside your company. For example, if your company's domain is abc.com, you can only send emails to users with email addresses that also belong to the abc.com domain.
  
  1.Access Domain Settings: Log in to your dashboard.Click on the user profile button located at the top right corner.Select "Settings" from the options that appear.Locate the "Domain" button and click on it. 2.Enter and Verify Domain: In the provided field, enter your company's domain name (e.g., "abc.com") and then click on verify. 3.Follow the instructions to verify the domain by adding a TXT record to your DNS.
  4.Allow Time for Verification:The domain verification process typically takes a few hours.While you wait for verification, you can proceed with selecting and setting up your phishing campaign.

• To start a campaign :
  We begin by crafting a campaign template. Simply navigate to the sidebar menu, specifically the campaign template section, where you can easily create a template for the attack strategy of your preference.

• Campaign Template Selection:

  Click Campaign Template to access our library of pre-made templates.

  1.Use the filters on the dashboard to narrow your search:

  Template Library Selection: Choose from All Templates,Custom Templates (made or cloned by you), System Templates(made by our company and up-to-date), or Community Templates (shared by other clients). 

  Note: We recommend using System Templates.

  2.Select Language Filter: Choose your preferred language from the drop-down menu (mostly English and Arabic available).

  3.Attack Vector Selection: Pick the attack vector you want to use for your campaign. We offer: Phishing, QR Code, Attachment, Ransomware, Smishing, Vishing, & WhatsApp.

  4.Template Category Selection: Select the relevant category for your campaign (e.g., Human Resources, E-commerce, Insurance, Finance, Accounting). This will filter the templates displayed to those suitable for your chosen attack vector.
  
                  
  
  

• Previewing and Testing Your Template:
  1.After selecting your desired template using the filters, hover over it. Three dots will appear.
  2.Click the three dots and select Preview. This will open a preview window for you to review the template content.
  3.To test the campaign flow with a sample email, first locate the Attacker Profile section on the left side of the dashboard. Ensure it's whitelisted on your email gateway beforehand. Additionally, make sure the associated IP address, which is static at 168.245.74.19, is also whitelisted.
  

  Link to whitelist :
  Exchange 2016 0r Office O365                                      Microsoft 365 ATP

  G Suite                                                                              Lotus

  Thunderbird                                                                      Barracuda

  Fortigate                                                                            McAfee

  Cisco IronPort                                                                   Trend Micro

  
  

  4.Click Test Campaign on the top right side of the dashboard. Enter your email address and a name to receive the test email and experience the campaign flow as a recipient.

     
     Note:If you're satisfied with the current template, skip the following step and proceed with add users and groups.
  
  
• Making Changes to the Template:
  

  1.If you need to modify the template after testing, navigate back to the Campaign Templates section.

  2.Select the desired template, hover over it, and click the three dots that appear.

  3.Choose Clone from the menu. A new page will open with all fields pre-filled.

  4.You can edit the template name if desired.

  
  
• Editing Email Content:

  1.Click Next to access the email editing tab. Here, you can modify the email body, subject line, and make other adjustments.
  
  

     Note: For changes beyond text and basic fonts, please contact support@threatcop.com
  
  
  
  
  
  
• Landing Page Editing:

  
  

  1.Click Next again to proceed to the landing page editing section. Select the domain you want to use for hosting the landing page.
  
  

  Note: For changes beyond text and basic fonts, please contact support@threatcop.com
  
  

  2.Capture options: Use the checkboxes to enable or disable capturing username/email, password, and the auto-awareness page. You can also upload your own awareness link here.
  
  
• Settingup Attacker profile :  1.Click Next once more to configure the attacker profile. Here, you can set the Sender Display Name and Sender Domain. 2.Header key details and Fake CC can also be added while setting Attacker profile,but that’s optional.
  
• Finalize and Save: 1.Click Next again to proceed to the final step. Review your changes click Finish to save the cloned template.
  Note: This cloning process works for Phishing, QR Code, Attachment, and Ransomware campaigns. For Smishing, Vishing, and WhatsApp campaigns, which involve third-party dependencies, please contact support@threatcop.com for template modifications.
  
• To add users and groups over the tool: Here's how to add users and groups within the tool: 1.Locate the User and Group Section: Navigate to the dashboard and locate the User and Group section on the left-hand side menu bar. Click on it and select Group. This will display a list of current departments and the option to import new departments. 2.Adding Users After Template Selection and Test Run: Once you've selected a template and completed a successful test run, you can add users through various methods, primarily:G Suite AD integration,Azure AD integration,Uploading a CSV file. Links to User Import Methods:

  G Suite AD Integration                                                             Azure AD Integration User Import Through CSV
  

• Running the Campaign: 1.Select the desired template. Hover over the template tile, click the three dots, and then choose Create Campaign. 2.Provide a campaign name. Select the users or groups you want to target, and then click Send Now.
  
  
  3.A screen will appear where you can see the real-time statistics of the campaign initiated.
  
   
  
  
  

• Exploring Report section:

  1.Once the campaign is successfully executed, you can check the reports under the "Reports" section in the sidebar menu. Additionally, access other reports like Click Reports, Breach/Incidents, Repeat Offenders, and Course Analytics (on TLMS portal).
  
  
  
  

• Exploring EVS (Employee Vulnerability Score):

  
  1.Locate the EVS button in the Other menu on the left side of your dashboard.

  Clicking this button will display the EVS (Employee Vulnerability Score) for the most recently launched campaign. This score is assigned to each user based on their performance in the phishing campaign.

  2.To view the overall EVS for all campaigns conducted to date, click the Sync EVS  button located at the top right corner of the dashboard.
  
  
  
  
  

  Note: The above points are essential for running a campaign. The points below will help you understand more functionalities of the tool.
  
  
  To explore functionalities:
  
  

  • Adding Landing URL : click here to view

  • Creating AI based Template : click here to view

  • Creating New template: click here to view

  • Importing users through Azure AD: click here to view

  • Importing users through Gsuite AD: click here to view

  • Creating New Template:click here to view

  • How to read campaign data: click here to view