Integrating with FortiPhish

Modified on Fri, 29 Nov, 2024 at 11:46 AM

Customers who purchase both FortiPhish Service and the Fortinet Security Awareness and Training Service can integrate the two services.

For more information about FortiPhish, visit this site: https://www.fortinet.com/products/phishing-simulation

Customers can create training campaigns that are assigned to users who trigger a phishing event. For example, they may wish to assign one or more training modules when someone clicks a link in a phishing email, replies to a phishing email, or submits their username and password to a site after clicking a link in a phishing email. Customers can assign different, additional training for each event the user performs.

To do this, there are a few steps:

  • Create and schedule a FortiPhish campaign.
  • Create and schedule a Security Awareness and Training Campaign for each phishing event (User clicked, User replied, User submitted) you wish to assign training to.
  • Create a report for the campaign.

Before completing the following steps, customers must first complete the configuration of the FortiPhish service:

  • Verify each email domain the customer wishes to send phishing emails to by creating a DNS TXT record for each. This configuration is separate from the DNS TXT records created in the Security Awareness and Training Service. See the following FortiPhish article: https://docs.fortinet.com/document/fortiphish/23.4.0/administration-guide/921094/adding-domains
  • Import the users that customers wish to send phishing emails to. This user import is separate from the DNS user import performed in the Security Awareness and Training Service. You can import users into FortiPhish using the example.csv provided in the FortiPhish service. You cannot use the .csv file used to import users into the Fortinet Security Awareness and Training Service, although the data may be cut and pasted between the two .csv files. You may also import and sync users via LDAP/LDAPS or Azure Active Directory for the FortiPhish service (the Security Awareness and Training Service currently does not support Azure Active Directory user imports/syncs). See the following FortiPhish article: https://docs.fortinet.com/document/fortiphish/23.4.0/administration-guide/629171/recipients

For help configuring FortiPhish and creating phishing campaigns, please refer to the FortiPhish online help: https://docs.fortinet.com/document/fortiphish/latest/administration-guide

If you need more technical assistance configuring FortiPhish or creating campaigns, open a ticket with the FortiPhish service team by following these instructions: How to open a helpdesk ticket for the FortiPhish service.

You can also request assistance configuring the service and setting up campaigns by opening a support ticket from the Get Support link under the avatar menu within the Security Awareness and Training Service, or by sending an email to [email protected]


Creating a FortiPhish Campaign:

FortiPhish provides online help for creating phishing campaigns.

See the following article: https://docs.fortinet.com/document/fortiphish/latest/administration-guide/759964/creating-campaigns

If you wish to tie a Security Awareness and Training Service campaign to phishing user email events, make a note of the following:

  • The name you give to the phishing campaign.
  • The start date and time (hour) and time zone.
  • The end date and time (hour) and time zone. You can determine this from the number of weeks you configure the phishing campaign for. It will be 1-4 weeks after the start date/time and time zone offset.

SAMPLE: How to create a FortiPhish campaign:

1.) Log in to the FortiPhish service from the FortiCloud header (if logged in as the Tenant Administrator), or log in from support.fortinet.com (you must have a registered support account, and it must be added to the master support account that owns the license).

2.) From the navigation menu, select Campaigns, then select the Create Campaign button in the upper right quadrant.

3.) Use the headers (Country, Language, Topic, Feature and Orientation) to find the appropriate template, or select Custom in the navigation menu to create your own.

4.) Make any modifications to the template that you require (Subject, Clicking Behavior, Level of Difficulty, Use Attachment, Track User Reply, Activate On Click Training) and select the Next button.

Note

Activate On Click Training MUST be set to ‘No’ to assign training in the Security Awareness and Training Service platform. If set to ‘Yes’, you can choose from pre-defined training videos available in the system. The ‘Yes’ setting is typically used by customers who do not use the Security Awareness and Training Service.

For information on what each of the settings means when creating a campaign, visit the FortiPhish documentation here: https://docs.fortinet.com/document/fortiphish/latest/administration-guide/759964/creating-campaigns


5.) Give your phishing campaign a meaningful name. You may also wish to add a date stamp or other information about the campaign. Make any desired changes to the Campaign Name, Sender Name, Sender Email and SMTP Gateway Server fields, then select the Next button.

Note

Sending a test email is recommended before launching a campaign.

Email gateway safelist: add the FortiPhish mail server address (smtp.fortiphish.com) to your gateway safelist to allow incoming email traffic.

Add [email protected] or ftnt.info to your safe sender list to allow incoming Security Awareness and Training Service email traffic (campaign-related emails).

Browser allowlist: add the FortiPhish website URLs (smtp.fortiphish.com, fortiphish.com, api.fortiphish.com) to your browser allowlist.


6.) Select the desired Recipients by selecting one of the groups you created during user import, then select the Next button.

7.) Select ‘Scheduled’ from the Campaign Schedule drop down and configure the Launch Date, Time Zone and Campaign Duration, then select the Next button.

Note

Give yourself enough time so that you can create the associated training campaign(s). Typically, phishing campaigns are scheduled days or weeks in advance.

Take note of the start date, time and time zone, as you will need to enter these values later when you configure the training campaign assignment.

You will also need to mark down the duration so that you can match the Learner Due Date for the training campaign assignment.


8.) Choose whether to Send Emails All at Once or Randomly (and configure the necessary fields), then select the Start campaign button.

You have successfully scheduled your phishing campaign.


Note

It can take up to 30 minutes for the phishing campaign to be available on the Remediation page of the Fortinet Security Awareness and Training Service.

All campaigns should be scheduled for a future launch (at least 2 hours beforehand) to allow for this delay. This will give you time to complete configuration on the Fortinet Security Awareness and Training Service.



How to schedule the event training campaign in Security Awareness and Training Service:

1.) Select Campaigns from the navigation menu, then select the New campaign button.

2.) Enter a meaningful name in the Campaign name field. This name will be used in the invitation email. You may include things like the event triggered and the campaign email name.

Examples:

OOPS! You clicked a link in a phishing email.

Phish click! Log in and take your training assignment.


3.) Configure:

  • The Campaign start date and time (this should match your FortiPhish start date, time and time zone).
  • The Training due date for learners and time (this should match your FortiPhish end date and time, that is, start time plus 1-4 weeks).
  • The Campaign End Date and time. You should allow enough time for any users that may have triggered the event on the last day (e.g. one to four weeks).


4.) Add a Campaign welcome message that will appear with the training assignment in the learner experience, then click the Next button.

5.) Select the content you would like to assign to the user if they trigger an event (User clicked, User replied, User submitted). In this example, we are triggering on the User clicked event. Once you have selected the desired content, click the Next button.

6.) You may re-order the content if you wish. Then select the Next button.

7.) Select the Remedial users from FortiPhish option button, choose the FortiPhish campaign you just created from the Select FortiPhish campaign dropdown, then choose the action the assignment will trigger on from the Select users action dropdown.


Note

The FortiPhish campaigns are updated via a scheduled API call. If your campaign does not yet appear in the list, you can select a different campaign and update this later after selecting the Cancel button, then selecting Save as draft when the confirmation dialogue pops up.


8.) Choose whether you will send the Training enrollment confirmation, Due date alert and Campaign completion emails.

9.) Select the Launch campaign button.

You will receive a confirmation message stating that the campaign has been launched. The Campaign should show a status of Scheduled.
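
The date alignment between the two campaigns, as an added example that is not part of the original article or of any Fortinet tooling: it derives the training campaign start, learner due date and end date from the FortiPhish schedule and flags entered values that differ. The function names, the grace-period parameter and the sample dates are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

MIN_LEAD = timedelta(hours=2)        # page: schedule at least 2 hours ahead
SYNC_DELAY = timedelta(minutes=30)   # page: up to 30 min to reach the Remediation page


def plan_training(phish_start, duration_weeks, grace_weeks, now):
    """Derive the training campaign dates from the FortiPhish schedule."""
    if phish_start.tzinfo is None or now.tzinfo is None:
        raise ValueError("use timezone-aware datetimes")
    if not 1 <= duration_weeks <= 4:
        raise ValueError("FortiPhish campaign duration must be 1-4 weeks")
    if phish_start - now < MIN_LEAD:
        raise ValueError("launch is less than 2 hours away")
    due = phish_start + timedelta(weeks=duration_weeks)
    return {
        "campaign_start": phish_start,                       # matches FortiPhish start
        "learner_due": due,                                  # matches FortiPhish end
        "campaign_end": due + timedelta(weeks=grace_weeks),  # room for last-day events
        "listed_by": now + SYNC_DELAY,                       # worst case for the dropdown
    }


def check_entered(plan, entered):
    """Return entered fields that disagree with the plan."""
    # Aware datetimes compare as instants, so 09:00 at UTC-5 equals 14:00 UTC.
    problems = [f for f in ("campaign_start", "learner_due")
                if entered[f] != plan[f]]
    if entered["campaign_end"] <= plan["learner_due"]:
        problems.append("campaign_end")
    return problems


def demo():
    # Constructed sample values, not taken from the article.
    est = timezone(timedelta(hours=-5))
    now = datetime(2025, 2, 24, 10, 0, tzinfo=est)  # when the phishing campaign is scheduled
    plan = plan_training(datetime(2025, 3, 3, 9, 0, tzinfo=est), 2, 1, now)
    entered = {
        "campaign_start": datetime(2025, 3, 3, 14, 0, tzinfo=timezone.utc),  # same instant
        "learner_due": datetime(2025, 3, 17, 9, 0, tzinfo=timezone.utc),     # zone forgotten
        "campaign_end": datetime(2025, 3, 24, 14, 0, tzinfo=timezone.utc),
    }
    return plan, check_entered(plan, entered)


if __name__ == "__main__":
    plan, problems = demo()
    print(plan["learner_due"].isoformat(), problems)
```

A due date typed with the same wall-clock time but the wrong time zone is reported as a mismatch, which is the usual way the two schedules drift apart.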



Scheduling a report for your phishing campaign:


FortiPhish provides detailed reporting for FortiPhish campaigns. However, for the purposes of tracking the users who have opened, clicked, submitted, or reported phishing emails, you can create a report in the Security Awareness and Training Service.


1.) Select Reports from the navigation menu.

2.) Select the Create link for the Learner Completion Detail By Campaign report from the Campaign & learner progress reports section.

3.) Complete the form:

  • Give your report a meaningful name (e.g. the phishing campaign name and the trigger event) in the Report name field.
  • Select the phishing campaign from the Choose a campaign drop down.
  • Select All Departments from the Choose a department drop down.
  • Choose the Report format by selecting one of the option buttons (CSV or XLSX).


4.) If you wish to schedule sending of the report, scroll down and select the Schedule option button. Otherwise, if you do not wish to send the report to users on a schedule, just select the Save Report button.

5.) Search and select the users that will receive the report from the Choose users to receive the report field.

6.) Set the frequency by selecting the desired option button (Once Only, Once a week, Once a month, Annually) in the Set how often users receive the report section.

7.) Set the Start date to match or be after the campaign start date and time.

8.) Verify and/or set the correct Time zone setting.

9.) Click the Save Report button to save the report.


A confirmation message is displayed.

You can Edit, Download or Delete reports by selecting Reports from the navigation menu, then selecting the Saved Reports tab.
