Phishing templates are pre-made messages or emails used as part of a phishing attack. They are designed to trick the recipient into providing sensitive information, such as login credentials or financial information, or into taking an action that is harmful to them, such as downloading and installing malware. Phishing templates are often disguised as being from a trusted source, such as a bank, government agency, or well-known company, in order to increase the likelihood that the recipient will take the desired action. They can take many forms, including fake invoices, job offers, password reset requests, and more. The job-to-be-done of a phishing template is to appear as convincing as possible in order to deceive the recipient into taking the desired action.

Here's a brief overview of 16 of  our favorite types of phishing templates that can be used in a phishing simulation:

1. The "Urgent Request" template: This involves sending an email that appears to be from a high-level executive within the organization, urging the recipient to take immediate action. This can include providing sensitive information or making a financial transfer.
2. The "Software Update" template: This involves sending an email that appears to be from a well-known software company, requesting that the recipient update their software. The email may contain a malicious link or attachment.
3. The "Important Document" template: This involves sending an email that appears to be from a trusted source, such as a bank or government agency, requesting that the recipient open an attachment or click a link to access an important document.
4. The "Password Reset" template: This involves sending an email that appears to be from a well-known website or service, requesting that the recipient reset their password. The email may contain a malicious link or attachment.
5. The "Fake Invoice" template: This involves sending an email that appears to be from a reputable vendor, requesting payment for an invoice. The email may contain a malicious link or attachment.
6. The "Job Offer" template: This involves sending an email that appears to be from a potential employer, offering a job opportunity. The email may contain a malicious link or attachment.
7. The "Free Gift" template: This involves sending an email that promises a free gift or prize, requesting that the recipient provide sensitive information or make a financial transfer.
8. The "Charity Request" template: This involves sending an email that appears to be from a well-known charity, requesting a donation. The email may contain a malicious link or attachment.
9. The "Fake Alert" template: This involves sending an email that appears to be from a well-known security company, warning of a potential security threat. The email may contain a malicious link or attachment.
10. The "False Payment Request" template: This involves sending an email that appears to be from a trusted source, such as a bank or government agency, requesting a payment or transfer.
11. The "False Shipping Notification" template: This involves sending an email that appears to be from a shipping company, informing the recipient of a package delivery. The email may contain a malicious link or attachment.
12. The "False Bill" template: This involves sending an email that appears to be from a utility company, requesting payment for an overdue bill. The email may contain a malicious link or attachment.
13. The "Fake Contest" template: This involves sending an email that appears to be from a well-known company, informing the recipient that they have won a contest. The email may contain a malicious link or attachment.
14. The "False Survey" template: This involves sending an email that appears to be from a well-known company, requesting that the recipient participates in a survey. The email may contain a malicious link or attachment.
15. The "Fake Support Request" template: This involves sending an email that appears to be from a well-known technology company, requesting support for a technical issue. The email may contain a malicious link or attachment.
16. The "False Travel Notification" template: This involves sending an email that appears to be from a travel company, informing the recipient of a flight or hotel reservation. The email may contain a malicious link or attachment

—-

Haekka's phishing simulator is uniquely suited to modern work and companies that prioritize security and do not check the box for audits. We leverage Slack for real-time training and ChatGPT for AI-written phishing emails (users tell us our emails are leaps and bounds above competitors).