Arsen Security

To customize the phishing email and include personalized elements, click <code>Duplicate</code> on any scenario card in the scenario library.

After completing the scenario details step, click <code>Continue</code>.

Arsen phishing-scenario creation screen showing scenario name, language, difficulty, and highlighted “Continue” button.

___________________________________________________________

Adapt a phishing email to your organization

Identify and highlight Red Flags in the training page

Edit the HTML code for advanced customization

- Adapt a phishing email to your organization
- Insert dynamic elements using tokens
- Identify and highlight Red Flags in the training page
- Edit the HTML code for advanced customization
   

A duplicated scenario with details already completed

- Admin permissions to edit scenarios
- A duplicated scenario with details already completed
   

3 – Edit the email’s general settings

Click the <code>HTML Builder</code> section to open the editor

Arsen phishing email editor showing the “Microsoft 2FA Enforcement” template with preview and sender settings.

- Sender’s name
- Sender’s email
- Email subject

Select a sending domain from the dropdown

- Select a sending domain from the dropdown

Arsen email editor with sending-domain dropdown opened, displaying available phishing domains.

Open <code>Phishing Domains</code>

Click <code>+ Add New Phishing Domain</code>

- Go to <code>Settings</code>
- Open <code>Phishing Domains</code>
- Click <code>+ Add New Phishing Domain</code>

Arsen Phishing Domains page showing the active domains list and the highlighted “Add New Phishing Domain” button.

Check a Red Flag box to mark the field as suspicious

- Check a Red Flag box to mark the field as suspicious
- Uncheck it if no warning is needed

Arsen email settings with Red Flag indicators turned on for suspicious ele

4.2 – Display Red Flags in the training page

Checked fields will appear highlighted in red in the Just-in-Time Training page

To customize the explanatory message, go to Settings → <code>Just-in-Time Training Page</code>

- Checked fields will appear highlighted in red in the Just-in-Time Training page
- To customize the explanatory message, go to Settings → <code>Just-in-Time Training Page</code>

⚠️ Warning Red Flags appear only in training campaigns. For details on the difference between training and assessment campaigns, <a href="https://intercom.help/arsen-security/en/articles/12937021-assessement-campaign-vs-training-awarness-campaign" rel="nofollow noopener noreferrer" target="_blank">click here.</a>

- Modify or add text
- Adjust typography and formatting

Arsen email editor showing a selected text block from the “Microsoft 2FA Enforcement” template with formatting toolbar visible.

Click the <code>{ }</code> dropdown to insert dynamic merge fields.

Arsen merge-field dropdown showing Target and Organization token categories

Phishing link: <code>{{ campaign.phishingUrl }}</code>

Phishing QR code: <code>{{ toImage(phishing.qrCode.url) }}</code>

- Phishing link: <code>{{ campaign.phishingUrl }}</code>
- Phishing QR code: <code>{{ toImage(phishing.qrCode.url) }}</code>

Click <code>&lt; &gt; Source</code> to edit the HTML directly

Useful for layout, custom styles, and advanced components

- Click <code>&lt; &gt; Source</code> to edit the HTML directly
- Useful for layout, custom styles, and advanced components

Arsen HTML source editor showing the full raw HTML of a phishing email.

Arsen email editor showing the image-upload button used to insert images into the phishing template.

Customize the phishing email used in a scenario

Editing a Phishing Email

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

Token	Example	Description
`{{ target.firstname }}`	John	Recipient’s first name
`{{ target.lastname }}`	Doe	Recipient’s last name
`{{ target.email }}`	[email protected]	Recipient’s email
`{{ organization.name }}`	Arsen	Organization name
`{{ organization.domain }}`	arsen.co	Organization domain
`{{ toImage(organization.logo.url) }}`	`<img src="..."/>`	Organization logo
`{{ toImage(organization.logo.url, { heigth:100, width:100 }) }}`	`<img … />`	Resized logo
`{{ organization.logo.url }}`	URL	Logo URL
`{{ campaign.phishingUrl }}`	https://…	Phishing link
`{{ toImage(phishing.qrCode.url) }}`	QR image	Phishing QR code
`{{ target.phone }}`	+336…	Recipient's phone
`{{ formatDate(now, 'short') }}`	04/10/2022	Short date
`{{ formatDate(now, 'medium') }}`	04 Oct. 2022	Medium date
`{{ formatDate(now, 'long') }}`	Friday, 14 October 2022	Long date
`{{ formatDate(now, 'time') }}`	14:56	Current time

Editing a Phishing Email

1 – Objectives

2 – Prerequisites

3 – Edit the email’s general settings

3.1 – Open the HTML Builder

3.2 – Edit the main fields

3.3 – Configure the sender domain

4 – Use Red Flags

4.1 – Enable or disable a Red Flag

4.2 – Display Red Flags in the training page

5 – Edit the email body

5.1 – Use the visual editor

5.2 – Insert dynamic tokens

Available tokens

Attack-vector tokens

5.3 – Edit the HTML code

5.4 – Add images