Articles on: 🚀 Campaigns

How to launch a campaign?

Launching your first phishing campaign to test your employees is a pivotal moment. It is at this precise moment that you will realize that the security of your IT facilities, your data, and your production tools is potentially threatened by your employees' lack of training.

Don't panic ! The idea is to improve these behaviors with the repetition of campaigns in order to play on the following 3 levers:

1️⃣ The theoretical lever : Do my employees know the risk and how it manifests itself?
2️⃣ The heuristic lever : Can my employees mobilize their knowledge in the face of a threat that manipulates them through social engineering?
3️⃣ The cultural lever : Does the employee have an awareness of their responsibility and the security issues related to their actions?

Summary



Prerequisites
Step 1: Choose the campaign targets
Step 2: Choose a scenario
Step 3: Determine the campaign schedule
Step 4: Launch the campaign

Prerequisites



To launch a phishing campaign with Arsen, you must meet certain conditions:

🟢 You must have validated your domain names in the platform
🟢 You must have authorized phishing simulations with your filtering solution
🟢 You must have imported your employees into the platform
🟢 You may have created a custom scenario

Step 1: Choose the campaign targets



The first step is to select the employees who will receive the phishing campaign.

First, give a name to your campaign. The field is mandatory, and you will not be able to move on to the next step if you do not fill in this field with a name that has not already been given to another campaign.

Then you can select your targets according to two criteria, either by filtering the employees/collaborators integrated into the platform, or by selecting groups of employees.



🔀 If you select your targets by filtering employees, you can use multiple filters :


Security Score Range : Use the sliders to display employees between the two chosen security scores. People with a low security score have a higher vulnerability.
Campaign Count Range : Use the sliders to filter the display by the number of campaigns received by employees.
Untrained employees : Check the box to display only employees who have not yet received a campaign.
Identify your employees by targeting specific ones with the search field.



Note that you have a button that allows you to select all the results of your filters and by default the entire list of your employees.


🔁 If you select your targets based on their membership in a group, click on Groups :



You can then select a group of collaborators in one click.



Click on Next to validate the targets of your campaign.



Step 2: Choose the scenario(s)



To find the scenario(s) you want to send, use the filters available in the scenario list.

This library will allow you to find a scenario imagined by our teams or one of your custom scenarios.

Click on Next once the scenario(s) have been selected.

If you choose to send multiple scenarios at the same time, you are in a **multi-scenario campaign.**

Step 3: Determine the campaign schedule



Two choices are available to you on this page:

☑️ If you check Send it now - you can decide to send your campaign instantly.

It should be noted at this stage that Arsen sends several dozen emails in the same minute, so sending a complete campaign can take some time depending on the number of targets.

☑️ If you check Schedule for a specific time - You decide to send your campaign on fully customizable dates and times.

You have a calendar on which you can select multiple dates.

Caution ⚠️ you will not be able to select date ranges between two selections, click on all the days that make up the period to send the campaign for the entire duration.

|💡 To increase the discretion of a campaign, choose spaced sending dates and prioritize an evaluation campaign by using multiple scenarios at the same time.

You can schedule a date and time from which the first emails of your campaign will be sent.





You can also schedule a date and time beyond which email sending will be completed.






Finally, you can determine a sending window. A time from which you will send emails and a time beyond which you will no longer send emails on the dates selected in the calendar.





🗂️ This allows you to respect the right to disconnect, which responds to objectives of quality of life at work. This right consists of not sending emails to employees before or after a certain time, so as not to solicit employees outside working hours.




Step 4: Launching the campaign



The calendar is the page from which you will launch your campaign. Before launching it, you can review the summary of your campaign.



When you're ready, click on 🚀 Launch Campaign to start your campaign.

Congratulations 👏 You have just launched your first phishing campaign!

Updated on: 12/04/2023

Was this article helpful?

Share your feedback

Cancel

Thank you!