Phishing: Landing Pages
Landing pages direct the user to a specific page, and can be used for a variety of purposes, such as requesting login credentials or other sensitive information.
The Phishing Simulator > Phishing Scenarios > Landing Page Templates page contains standard default landing pages you can select and use for your phishing scenario or customize according to your preferences. You also have the option to create an entirely new landing page.
- Components of the Landing Page Template
- Landing Page Actions
- How to Add a New Landing Page Template
- How to Add a new Landing Page with AI
- Utilizing JavaScript on Landing Pages
- Utilizing Merge Tags in Landing Page Templates
- Divert Clicker to Your Own Landing Page
The components of the Landing Page Templates page are explained below.
| Template name | The name of the landing page template |
| Method |
The phishing technique employed.
|
| Languages | Filter landing pages based on your preferred languages. |
| Difficulty | The level of difficulty to recognize a phishing attempt (Easy, Medium, Hard). |
| Creation Type | Filter landing pages based on their creation type (e.g., Manual or AI Ally). |
| Created By |
System: Standard landing page templates are provided with the product. Custom: Landing pages created or customized by users |
| Stop Bot Activity | It shows the stop bot activity feature enabled for the landing page. By default, it is enabled and cannot be disabled to ensure that the target user activities are accurately captured. |
| Tags | Tags can be added to the landing page to enable viewing using related tag lists. |
| Date Created | The date and time the landing page was created |
Landing Page Templates Actions
This section explains how to edit, preview, clone, or delete a landing page.
-
How to Edit a Landing Page Template
-
Click on the three dots '⋮' button in the Actions option on the far right of the relevant page, and then click the Edit button.
-
-
How to Preview a Landing Page
-
Click on the three dots '⋮' button in the Actions option on the far right of the relevant page, and then click the Preview button.
-
-
How to Clone a Landing Page
-
Click on the three dots '⋮' button in the Actions option on the far right of the relevant page, and then click the Duplicate button.
-
-
How to Delete a Landing Page
-
Click on the three dots '⋮' button in the Actions option on the far right of the relevant page, and then click the Delete button.
-
How to Add a New Landing Page Template
Follow the steps below to add a new landing page that you can use in a new or existing phishing scenario:
- Click the +New button in the upper right corner of the Phishing Simulator > Phishing Scenarios > Landing Page Templates page.
- Complete the required fields on the first Template Info page, then click Next.
- On the Page Settings page, provide the Phishing Link: the URL to be used in the phishing email.
- Localize: Localize your main landing page template to different languages. Click here to learn the benefits of the feature and more information.
- Click Edit to make any changes or Save to complete the process.
You can add a second page to any landing page template without building it from scratch. A template picker for Page 2 lets you reuse an existing landing page as the second page with a single click.
To add a second page to a landing page template:
- Create a new landing page or open an existing one for editing (see How to Add a New Landing Page Template or How to Edit a Landing Page Template).
- On the Page Settings step (or when editing the template), use the template picker for Page 2 to choose a second page.
- Select any existing Click-Only or Data Submission landing page from your library — it will be added as Page 2 automatically.
- Click Save to apply. You no longer need to build the second page manually or copy HTML.
This applies to landing page templates in Phishing Simulator. The same template picker for Page 2 is also available in Smishing Simulator.
How to Add a new Landing Page with AI
Follow the steps below to effortlessly create custom landing page templates with the help of AI Ally. Once your landing page template is ready, it can be used in a new or existing phishing campaign:
- Click the +New button in the upper right corner of the Phishing Simulator > Phishing Scenarios > Landing Page Templates page.
- Complete the required fields on the first Template Info page, then click Next.
- On the Page Settings page, provide the Phishing Link: the URL to be used in the phishing email.
- Click on Use AI Ally and describe the scenario and key details for the landing page you want to generate.
- Once described, select the Language in which the landing page will be created.
- After providing the scenario details, click the Generate Landing Page button to create your landing page.
- Once the landing page is generated, click Edit to make any changes, or Save to finalize the landing page template creation process.
Here are some helpful ready-to-use AI prompts for creating landing pages.
| Template Name | Method Type | Command Prompt |
|---|---|---|
| Google Login Page | Data Submission | Create a landing page that closely resembles the Google Login Page. Ensure the design includes fields for email and password input, a "Forgot email?" link, and a "Next" button. Include a Google logo at the top and a small text link for "Help" and "Privacy Policy". The page should have a clean, minimalistic design with a white background. |
| Amazon Login Page | Data Submission | Create a landing page that looks like the Amazon Login Page. Include fields for email and password, a "Forgot Password?" link, and a "Sign-In" button. Add a small Amazon logo at the top and include a checkbox for "Keep me signed in". Below the login form, include a "Create your Amazon account" link. The design should have a white background with light gray borders. |
| Company Event Registration Form | Data Submission | Create a landing page for a company event registration. Include fields for full name, email, phone number, and a dropdown to select the department. Add a "Register" button at the bottom. The page should also include a banner at the top with the company logo and event name. The color scheme should match typical corporate branding with a professional look. |
| Password Reset Page | Data Submission | Create a landing page for a system password reset. Include a field for entering the email address, a "Submit" button, and a link for "Contact Support" in case the user has trouble resetting their password. The design should be simple with a white background, and include a small company logo at the top. The instructions should be clear and concise. |
| Bank Account Login Page | Data Submission | Create a landing page that mimics a bank account login page. Include fields for "Username" and "Password", a "Forgot Username or Password?" link, and a "Sign In" button. Add a small bank logo at the top, and include links for "Enroll Now" and "Help". The design should be secure and professional, with a dark blue and white color scheme. |
| Subscription Confirmation Page | Data Submission | Create a landing page for subscription confirmation. Include a message saying "Thank you for subscribing!", a field for entering an email address to confirm the subscription, and a "Confirm Subscription" button. Add a small note about privacy at the bottom. The design should be clean and modern, with a focus on ease of use. |
| E-commerce Checkout Page | Data Submission | Create a landing page for an e-commerce checkout process. Include fields for billing information (name, address, city, state, zip code), payment information (credit card number, expiration date, CVV), and a "Place Order" button. Add a small shopping cart icon at the top, and a summary of the order on the right side. The design should be user-friendly with a focus on security. |
| Event Ticket Purchase Page | Data Submission | Create a landing page for purchasing event tickets. Include fields for selecting the number of tickets, seating options, and payment details. Add a "Purchase Tickets" button at the bottom, and a small banner at the top with the event name and date. The design should be vibrant and engaging, with a focus on creating excitement for the event. |
| Phishing Awareness Oops Page | Click Only | Create a landing page that tells the user they've clicked on a simulated phishing email. The message should say "Oops! The email you just clicked was a phishing simulation. Don't worry, this is to help you learn." Include three key rules: 1. Avoid unknown links/attachments. 2. Verify the sender's email. 3. Be cautious of too-good-to-be-true offers. The design should be clear and educational. |
| Security Training Oops Page | Click Only | Create a landing page that informs the user they interacted with a simulated phishing email. The message should say "Oops! You just clicked on a test phishing email for training purposes." Include three rules: 1. Avoid unknown links. 2. Verify sender legitimacy. 3. Be cautious of urgent requests. Design it to be instructional and easy to understand. |
Utilizing JavaScript on Landing Pages
JavaScript enhances landing pages with dynamic behavior and interactivity. This capability helps you create more engaging and realistic phishing simulations by enabling features such as:
- Real-time content manipulation
Example: Add a countdown timer that shows “You have 30 seconds left to complete this form.” This creates urgency and makes the simulation feel more realistic. - Form validation
Example: When a user tries to submit a form without entering an email address, JavaScript can show a warning like: “Please enter your email before submitting.” This mimics real websites that check inputs. - Conditional content display
Example: Show a hidden message only if a user types in a certain keyword or clicks a specific button, such as “Access Granted” after filling a field correctly.
Please follow the steps below to use the JavaScript code editor feature.
- Go to Phishing Simulator > Phishing Scenarios > Landing Pages
- Click + NEW to create a new landing page
- Complete the required fields on the first page, then click Next
- Click Edit at the bottom center of the page to open the landing page editor
- At the top of the editor, click Import to open the HTML code editor
- Inside the editor, locate the notice: “Some scripts may be blocked for security reasons. Click here to add custom JavaScript code.”
- Click the link to open a pop-up where you can safely insert your JavaScript
- After inserting your script, click Save to apply your changes and publish the landing page
You can now create a scenario with your email template and landing page and then launch it to your email inbox to test the landing page to confirm if everything works as you expect.
Utilizing Merge Tags in Landing Page Templates
Here's a list of merge tags to help you make your landing pages more personal. Adding these tags can make your phishing campaign more tailored to the recipient.
| Merge Tag | Description |
|---|---|
| Full Name | Inserts the target user's first and last name. |
| First Name | Inserts the target user's first name. |
| Last Name | Inserts the target user's last name. |
| Inserts the target user's email address. | |
| From Name | Inserts the sender's name from the associated email template for this landing page scenario. |
| From Email | Inserts the sender's email address from the associated email template for this landing page scenario. |
| Subject | Inserts the subject line from the associated email template for this landing page scenario. |
| Date Sent | Inserts the date when the campaign is launched. |
| Current Date | Inserts the current date when the campaign is launched. |
| Current Date Plus 10 Days | Inserts a date that is 10 days after the campaign's launch date. |
| Current Date Minus 10 Days | Inserts a date that is 10 days before the campaign's launch date. |
| Random Number One Digit | Generates and inserts a random one-digit number. |
| Random Number Two Digit | Generates and inserts a random two-digit number. |
| Random Number Three Digit | Generates and inserts a random three-digit number. |
| User Language | Inserts the target user's Preferred Language information on the landing page |
| User Department | Inserts the target user's Department information on the landing page. |
How to divert employees who click the link to a URL not hosted by Living Security
You can direct users to your own URL instead of using a standard Living Security landing page. To set this up, select a Living Security landing page, and replace the URL in the provided HTML code with the URL of your hosted landing page. Here’s how you do it:
- Choose a landing page for your phishing scenario.
- Insert the following HTML code, substituting
https://www.google.comwith your own landing page URL:htmlCopy code<meta http-equiv="refresh" content="1; URL=https://www.your-landing-page.com" />
This setup will automatically redirect anyone who clicks on the link to your chosen landing page after 1 second, allowing us to track the click-through.
