Udostępnij za pośrednictwem


Phishing Examples for the Microsoft Office 365 Attack Simulator - Part Three

This is the third post of a multi-part blog with examples to use as part of a phishing simulation in the new Microsoft Office 365 Attack Simulator tool. For background information on the tool and this blog series, click on Part One below.

Phishing Examples for the Microsoft Office 365 Attack Simulator - Part One (Background)

Phishing Examples for the Microsoft Office 365 Attack Simulator - Part Two (Simulations 1-5)

Phishing Examples for the Microsoft Office 365 Attack Simulator - Part Three (Simulations 6-10) current page

Simulation 6: Holiday Pumpkin Pies from the Company Social Committee

From Name: Your Company Social Committee

From Email Address: CompanySocialCommittee@companydomain.com

Phishing Logon Server URL: (choose the most appropriate option)

Email Subject: Social Committee Pumpkin Pies - Our Holiday Gift for Your Family

When/How to Use This Template: This is a great phishing simulation to run just before the holidays. Specifically, a few weeks before the United States Thanksgiving holiday. If your company already has a social committee, be sure to use the same sender name and email address they may already use. Insert a hyperlink into the space provided below for successful click tracking for the registration of holiday pies.

Email Body:

Hello ${username},

Your company social committee would like you and your family to enjoy the holidays with a gift on us! We are offering a free pumpkin or apple pie that you can enjoy at your holiday dinner table. This is our gift (sponsored by the company) to you as a thank you for all your hard work each and every day. And our hope is that this small gift of appreciation will help make your holidays a bit more relaxing (and tasty!).

We want to make receiving this gift as easy as possible. To make sure we order the appropriate amount of pumpkin and apple pies, we need each employee to register at the link below by next Friday, (insert date) indicating which pie they would like to receive. There is a limit of one pie per full time employee. Pies will be distributed from the office lobby between 2-5pm on the Friday before Thanksgiving.

Register for your holiday pie here (insert link here).

Thank you again for all that you do!

Your Social Committee

Simulation 7: Migration of Email Services Complete - Test New Web Client

From Name: Technical Service Department

From Email Address: ITServices@companydomain.com

Phishing Logon Server URL: (choose the most appropriate option)

Email Subject: Migration of Email Services Complete - Test New Web Client

When/How to Use This Template: Use this template anytime, but especially around the time of an email migration that your users may be aware of. Insert a hyperlink into the space provided below for successful survey link click tracking.

Email Body:

Hello ${username},

On behalf of your computer network team, in invite you to explore the new features of our new web-based email client. Our department has been hard at work for the past several months to evaluate your needs, design the most appropriate solution, implement, and now pilot it. You all now have access to this new email web client by accessing it from this site: (site link).

In the new client you will find an enhanced interface making it easier to schedule meetings, submit junk mail to help improve our SPAM filters, read/respond to email, use the new spell checking options, edit the layout of the new interface to your preference, and best of all - you can do this from anywhere with an Internet connection! We are empowering you to be more productive with your most critical communication tool.

To make sure we have hit the mark on this new tool and/or to hear your suggestions for further improvements, please be sure to provide feedback at this link as well: (survey/feedback link).

Thank you for your time and please enjoy this great new interface to help all of us easily access our email from anywhere.

Your Network Department Leadership Team

Simulation 8: Email Account Almost Full

From Name: Network Team

From Email Address: NetworkTeam@domain.com

Phishing Logon Server URL: (choose the most appropriate option)

Email Subject: Your Email Account is Almost Full

When/How to Use This Template: Use this phishing email template anytime. Insert a hyperlink into the space provided below for successful click tracking.

Email Body:

Hello ${username},

Your email account was recently identified as reaching near the maximum capacity. Please take action to remove older email as soon as possible so there is no disruption to your ability to send or receive email. The health of your email account and those of everyone in the organization is the responsibility of your network team who are committed to providing you with a stable and secure system.

If you would like additional email space, please submit a request to this site (site link) using your name and business reason for the mailbox size increase. You will have one week to remove older email to decrease the size of your email account. Failure to do so will result in the suspension of your email account access and cause potential disruption in your ability to work.

Thank you for your assistance.

Simulation 9: Bi-Annual Technical Team Satisfaction Survey

From Name: Network Administration Team

From Email Address: NetworkAdministrationTeam@domain.com

Phishing Logon Server URL: (choose the most appropriate option)

Email Subject: Bi-Annual Technical Team Satisfaction Survey

When/How to Use This Template: Use this email phishing example anytime. Be sure to adjust the From Name and From Email Address to reflect the local name of the network team that all users are aware of. Insert a hyperlink into the space provided below for successful click tracking on the survey.

Email Body:

Hello ${username},

Your network administration team is dedicated to providing you the best technical services with security, reliability, and excellent customer service in mind. You are our customers and we always want to make sure we are exceeding your expectations.

As part of dedication to service excellence, we want to hear more from you! We are now launching a bi-annual technical services satisfaction survey and encourage you to provide us feedback about the services you have received and suggestions to improve our team's performance. It is only with your valued feedback that we can evaluate your feedback to adjust and improve our service levels where needed.

We ask that you please take this survey by next Friday. The two-minute survey may be accessed in the website below:

(Survey website)

Thank you for your assistance.

Simulation 10: Migration of Company Data to the Cloud

From Name: Network Administration Team

From Email Address: Network AdministrationTeam@internaldomain.com

Phishing Logon Server URL: (choose the most appropriate option)

Email Subject: Review Requested - Migration of Company Data to the cloud

When/How to Use This Template: Use this email template, but especially before or after a migration of company on-premises data to a cloud hosted solution when this topic is still on the mind of your users. Insert a hyperlink into the space provided below for successful click tracking on the Data Migration List link area.

Email Body:

Hello ${username},

You are most likely aware by now of the ongoing project to transition most of our company technical services to the cloud. We are doing this with goals to save money, increase security, and to provide the best technical services possible to you, our customer.

With your email accounts now migrated to the cloud (you may not have realized this happened because it was such a smooth process), the next step in our migration project is to begin moving the large quantities of data our organization has to the cloud. We have evaluated most of the data held in our data center severs and identified who we believe are the owners of this data (documents, spreadsheets, presentations, etc.). Before we continue with our migration efforts, we are requesting the data owners to verify the data they own and that it is still relevant (can it be deleted?).

You have been identified as one of these data owners. We are requesting you to review the list of data associated to your network account and verify it is still needed. This simple checklist will enable you to quickly complete this request. Please logon to the data migration site using the link below and verify your data is still needed. We are asking that you complete this request by next Friday.

(Data Migration List link - use this as a title and insert a hyperlink here)

Thank you for your assistance.