Overview... 3 Provisioning Sites for Security Awareness Training... 3 Understanding Phishing Simulations... 6 Understanding Types...

Similar documents
Integrating Trend Micro Hosted Security with Google Gmail

Communication. Identity

AWEBDESK MARKETER

PRODUCT UPDATE BULLETIN

DocVerify E-Signature Salesforce Application How to Create a New E-Signature Document. Versions 4.0 and above.

Postini Message Security Using Postini with Google Apps Education Edition

What's new in Europa?

Getting Started With AMGAlerts

CLD206x Compliance in Office 365: Data Governance

Unit 7: Working with

Using the Control Panel

MassMailer Configuration Guide

How to use Gmail to access your JBN

Automatic Delivery Setup Guide

SMS for REST Professional

Office 365 Inbound and Outbound SMX configuration. 4 th January 2018

Step 2 - Deploy Advanced Security for Exchange Server

Version 1.20 Release Note

Solar Campaign Google Guide. PART 1 Google Drive

Working with Actions Stratum.Viewer 6

Configuring Gmail (G Suite) with Cisco Cloud Security

2 User Guide. Contents

Using Trustwave SEG Cloud with Cloud-Based Solutions

USER GUIDE. PowerMailChimp CRM 2013

Step 4 - Choose Your Deployment

Integrate Barracuda Spam Firewall

California Naturalist Volunteer Portal. A Quick Administrators Guide to the New Volunteer Management System 3.1

Approving the Outside Interests Disclosure Form Without Conflicts. Supervisor Level. IRIS Mobile through the Web

BeetleEye Application User Documentation

Atlas LCC Legal Hold Notice Tips

Contents. Limitations. Prerequisites. Configuration

Track-able Bulk Management System

District And Club Database

CAS Quick Deployment Guide January 2018

Relay. Calendar Setup. Google Calendar

On the Surface. Security Datasheet. Security Datasheet

23 Shadowing ThinManager Shadow

Adobe Sign for Microsoft Dynamics

Configuring /Text Alerts in ThorPCX SUPPORT DOCUMENT

How to Ensure You Can Access National CASA Member News

Agent Console. The Agent Console. The topics in this section provide information about the Agent Console.

You can find more information about the service at

Migrating from the Standard to the Enhanced PPW Driver

How to Mail Merge PDF Documents

Welcome to the New DocuSign Experience!

Pardot Setup Implementation Guide

G-Lock EasyMail7. Startup Guide. Client-Server Marketing Solution for Windows. To learn more about G-Lock EasyMail7, visit

Salesforce Lead Management Implementation Guide

Web Push Notification

INSTALLATION AND SETUP VMware Workspace ONE

Enterprise Vault.cloud CloudLink Google Account Synchronization Guide. CloudLink to 4.0.3

SMTP Sending s While on PureVPN

Evaluating Encryption Products

GolfNow Central. Marketing User Guide. February 2018

Case Management Implementation Guide

Grant Application Portal User Manual. Community Foundation of Western Massachusetts

MANAGEMENT AND CONFIGURATION MANUAL

ThreatConnect Learning Exercises

Workshare Protect Server 3.8. Solutions Guide

COMPREHENSIVE GUIDE TO HUBSPOT WORKFLOWS

A User Guide. Besides, this Getting Started guide, you ll find the Zoho Campaigns User Guide and many other additional resources at zoho.com.

Contents Welcome to Halo... 3 Secure Sign-In... 4 Forgot Password... 4 Messages... 5 Create and Send a Message... 5 Message Enhancements...

Technical Documentation. Configuring Google SSO with Amazon AppStream 2.0 and Amazon AppStream 2.0 Chrome Packaging and Deployment

GAME Self-Service Portal

Marketer's Guide. User guide for marketing analysts and business users

MX Control Console. and Spam Summary Reports. End User Manual

Filtering User Guide. Guide to User Functions of Spam and Virus Filtering Service

User Manual. For JH CONNECT. Jesus House Intranet Application. Version

Marketing Automation:

Personal Dashboard User Guide

Ciphermail Webmail Messenger Administration Guide

Error Sending Mail Message To Smtp Server. Return Code 552

REPORT Job History. 1) Click the Menu button to enter the left side menu. 2) Click on Reports tab to access to enter the Report menu

User Guide for Bulk Mail Management System (BMMS)

Office 365 Standalone Security

Advanced User's Workshop

Notification Setup Guide for Operations Manager 2007

Organising your inbox

MARKETING AUTOMATION

MESSAGING SECURITY GATEWAY. Solution overview

Archiving Service. Exchange server setup (2013) AT&T Secure Gateway Service

Cisco TelePresence Management Suite Extension for Microsoft Exchange

Learning Studio Tool & Microsoft Outlook

Comodo Antispam Gateway Software Version 2.12

2012 Learning Guide Employee. StaffReady.

MANAGING YOUR MAILBOX SIZE - OUTLOOK 2010

Salesforce Lead Management Implementation Guide

BlackBerry Workspaces Server Administration Guide

Halo Administrator GUIDE

Workshare Protect Server 3.8. Admin Guide

BUILD YOUR OWN SAP FIORI APP IN THE CLOUD Exercise Week 5

Syncing Between Pardot and Salesforce

This document contains information that will help you to create and send graphically-rich and compelling HTML s through the Create Wizard.

Using Trustwave SEG Cloud with Exchange Online

Trustwave SEG Cloud Customer Guide

Set Up and Maintain Collaboration Tools

Quick Start Guide AUTODOC HSE

erecruitment Recruiter User Manual

User Guide. Copyright 2015 Cybercom Software

Whitelist Instructions

Transcription:

Overview... 3 Provisioning Sites for Security Awareness Training... 3 Understanding Phishing Simulations... 6 Understanding Email Types... 6 Understanding Programs and Campaign Scheduling... 6 Welcome Email... 6 Phishing Campaign... 7 Training Campaign... 8 Campaign Summary Reports... 9 Saving Custom Templates... 11 Understanding Email Events... 11 Managing Spam Filters... 12 Whitelisting Emails in Office 365... 12 Whitelisting Emails in Google Apps... 14 Whitelisting Emails in AppRiver... 15 Whitelisting Emails in Mimecast... 16 Whitelisting Emails in Exchange 2013 or Exchange 2016... 17 Page 2 2018 Webroot Inc. All rights reserved. Proprietary and Confidential Information March 22, 2018

As our client, you will be able to build your phishing simulations through our easy to use Simulation Wizard. Using the wizard, you will be able to: Import your company s email target list. Add your bait email and lure page by either choosing from our pre-canned templates, or writing your own content. Send a test email to test the simulation. Schedule and launch your simulation against your targets. Watch reports in real-time: Email processing and delivery Email opens and clicks Data post attempts to the lure page To enable Webroot Security Awareness Training within the web console, you can do either of the following: Provision when creating a new site. Enable for an existing site. To enable provisioning for a new site: 1. Select the Enable Security Awareness Training checkbox on the final step of new site creation. 2. Click the Finish button. Page 3 2018 Webroot Inc. All rights reserved. Proprietary and Confidential Information March 22, 2018

To enable provision for an existing site: 1. For the site you want to enable, click the Manage button. 2. Click the Security Awareness Training tab. 3. Select the Enable Security Awareness Training checkbox. 4. Select Full or Free 30 Day Trial radio button. 5. Click the Save Changes button. Page 4 2018 Webroot Inc. All rights reserved. Proprietary and Confidential Information March 22, 2018

6. At any time, under the Security Awareness Training tab, you can view the Security Awareness Training status and target user count. 7. After the settings are saved, as needed, click the Go To Security Awareness Console button. 8. Additionally, in the Site tab, you can launch the Security Awareness Training console by clicking on the Go To Security Awareness Training Console button. Page 5 2018 Webroot Inc. All rights reserved. Proprietary and Confidential Information March 22, 2018

By default, phishing simulations are only available to launch against your authorized domains. You will not be able to target email addresses outside of your authorized domains list. These types of tests are generally ran by your company IT or security team. Before running any simulations against your organization, you should consult with your company s IT and/or security team to alert them of the tests, and maximize the success of your simulation. If you are a security consultant, you can contact us to become a verified security consultant to launch campaigns for your clients. Note: Email addresses on ISP or public domains (for example @gmail.com, @yahoo.com, etc.,) are restricted and cannot be used within the Securecast service. Target email addresses must be valid company or organization addresses. There are two types of email addresses that you enter: Authorized Domain Address (Admin) This is your own address on your company s or organization s domain. When you add an Authorized Domain address, you will be sent a validation link to your inbox. Click that link to verify that you are the owner of the email box, and have an account on your company s/organization s domain. This will allow you to import target email addresses on that domain. Target Email Addresses (End-Users) These are your company s or organization s employee s or member s email addresses that you will target your simulation toward. These are needed by the simulation in order to deliver the bait email. Programs is a feature set that allows you to schedule multiple campaign tasks with the goal of helping automate your training program. Tasks available for scheduling include: Welcome Emails are generally used for sending out an introduction to your new Security Awareness program to end users, management, IT staff, etc. You can use the Welcome Email task as the first introductory email to your users or consider scheduling it after your first Phishing Campaign to introduce Security Awareness after a baseline phishing simulation has been run. Welcome Emails are also a new email template type and can be created, edited and managed under Settings > Email in the menu. This is an email task that can be scheduled at a date and time you specify by populating the Send Date field. Page 6 2018 Webroot Inc. All rights reserved. Proprietary and Confidential Information March 22, 2018

To create a new Welcome Email Template: 1. Click the New Email Template button. 2. Under the Settings > Email menu, enter Welcome Email. This task will schedule a phishing campaign to be run at a date and time you specify. You can schedule multiple phishing campaign tasks to help automate your security awareness program. To create a phishing campaign: 1. Do one of the following: In the Task field, enter a unique name for the campaign. From the Campaign drop-down menu, select the phishing campaign you want to schedule. 2. Populate the Start Date field to set the date and time you want to send your Phishing Campaign. 3. Populate the End Date field to determine when to complete the campaign and finalize reporting. Page 7 2018 Webroot Inc. All rights reserved. Proprietary and Confidential Information March 22, 2018

4. Select recipient targets can be selected from the picker individually or by entering tags. 5. Select the Send report after this campaign closes checkbox to schedule a campaign summary report to be sent to email addresses you enter. Note: Phishing campaigns are scheduled using Programs and can be created and configured using Campaigns or Create New Campaign options in the menu. This task will schedule a training campaign to be run at a date and time you specify very similar to a phishing campaign. You can schedule multiple training campaign tasks to help automate your security awareness program. To create a training campaign: 1. Do either of the following: When creating a new training campaign, enter a unique name. From the Campaign drop-down menu, select the existing training campaign you want to schedule. 2. Populate the Start Date field to set the date and time you want to send your Training Campaign. 3. Populate the End Date field to determine when to complete the campaign and finalize reporting. 4. Select recipient targets can be selected from the picker individually or by entering tags. 5. Select the Send report after this campaign closes checkbox to schedule a campaign summary report to be sent to email addresses you enter. Note: Training campaigns are scheduled using Programs and can be created and configured using Campaigns or Create New Campaign options in the menu. Page 8 2018 Webroot Inc. All rights reserved. Proprietary and Confidential Information March 22, 2018

The campaign summary report is a report in PDF format that contains a summary of important details about the campaign run including the following: Name of campaign Date of campaign Key statistics, along with a summary of the campaign templates used To send a campaign summary report at the conclusion of a phishing or training campaign, follow this procedure. To send a campaign: 1. Select the Send a report after this campaign closes checkbox. 2. Click the Add button to determine who will receive the report. 3. To add multiple recipients, clicking the Add button again to expand additional recipient settings boxes. This is an optional step. Note: Reports can be sent to any valid email address including distribution lists. Page 9 2018 Webroot Inc. All rights reserved. Proprietary and Confidential Information March 22, 2018

New Program Screen Populated programs Screen Page 10 2018 Webroot Inc. All rights reserved. Proprietary and Confidential Information March 22, 2018

You can use templates to edit an existing template, or create a template from scratch within the template editor. To save a custom template: 1. Select the Save email as template checkbox. 2. Enter a name for your template. 3. Click the Save this email as a template button. You will be able to see data about the following types of email events in the Email Activity Feed: Processed Requests from your website, application, or mail client via SMTP Relay or the API that the emailer processed. Clicks Whenever a recipient clicks one of the Click Tracked links in your email. Delivered An email that was delivered to a recipient. Opens Whenever an email is opened by a recipient. Deferred The recipient mail server asked the emailer to stop sending emails so quickly. Drops The emailer drops an email when one of the following occurs: The contact on that email is in one of your suppression groups. The recipient email previously bounced. The recipient has marked your email as spam. Bounces When an attempt is made to deliver an email, but the recipient mail server rejects it. Spam Reports Whenever a recipient marks your email as spam and their mail server tells us about it. Page 11 2018 Webroot Inc. All rights reserved. Proprietary and Confidential Information March 22, 2018

Some spam filters may bounce mail coming from Webroot Security Awareness Training, which is both good and bad. It s good for proving that your spam filter is working, but it s bad for phishing awareness purposes. If mail does bounce, you may need to whitelist the send mail server by IP address or server name or you can also whitelist the sending domain. To whitelist the send email server: 1. Log into your email gateway/spam filter. 2. Add a white list for one of the following: Securecast IP Address: 167.89.85.54 Securecast Mail Server: o1.relay.mx-secure.com (o1.relay.mx-secure.com [167.89.85.54]) Securecast sending domain(s): use sending domain you set up/choose To whitelist in Office 365: 1. Log into your Office 365 and click on the Admin Portal. 2. Select Admin Centers > Exchange. Page 12 2018 Webroot Inc. All rights reserved. Proprietary and Confidential Information March 22, 2018

3. Select Connection Filter under the Protection section. 4. Click on Connection Filter, then click the Pencil icon to edit the connection filter policy. 5. Under the IP Allow List, click the + (plus) sign to add an IP address. Page 13 2018 Webroot Inc. All rights reserved. Proprietary and Confidential Information March 22, 2018

6. Add the following IP address: 167.89.85.54 7. Click OK, then click Save. To whitelist in Google Apps: 1. Log in to the Google Apps admin portal. 2. Select Apps. 3. Select G Suite. Page 14 2018 Webroot Inc. All rights reserved. Proprietary and Confidential Information March 22, 2018

4. Select Gmail. 5. Select Advanced Settings. 6. In the Organizations section, highlight your domain. 7. In the Email Whitelist section, enter the following IP address: 167.89.85.54 8. Scroll to the bottom and click Save. This change may take up to 60 minutes to propagate. To whitelist in AppRiver: 1. Log in to the AppRiver Admin Center. 2. Select Filters > IP Addresses. 3. Under Allowed IP Addresses, add the following IP address: 167.89.85.54 4. Click Save. Page 15 2018 Webroot Inc. All rights reserved. Proprietary and Confidential Information March 22, 2018

When using Mimecast, you will need to create a new Permitted Sender policy. Note: Make sure that you do not edit the existing default policy. To whitelist in Mimecast: 1. Log in to the Administration Console. 2. From the menu, select Administration. 3. Select Gateway > Policies. 4. Click the New Policy button. 5. Under Options, name your policy. 6. From the drop-down menu, select Permit Sender. 7. Under Emails From, select the following: Addresses Based On Both Applies From Everyone Specifically Applies to all Senders 8. Under Emails To, select the following: Applies To Everyone Specifically Applies to all Recipients 9. Under Validity, select the following: Enable, Set policy as perpetual Always On The Policy Override checkbox. 10. For Source IP Ranges, enter the Securecast gateway IP: 167.89.85.54. 11. Save the policy. This new policy may take up to 30 minutes to take effect. Page 16 2018 Webroot Inc. All rights reserved. Proprietary and Confidential Information March 22, 2018

To whitelist in Exchange: 1. Open the Exchange Management shell. 2. Run the following command: Add-IPAllowListEntry -IPAddress 167.89.85.54 Page 17 2018 Webroot Inc. All rights reserved. Proprietary and Confidential Information March 22, 2018

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback