Skip to main content

Getting Started with Phishing Campaigns

Get started creating your phishing campaigns in the Adaptive platform.

Updated over 5 months ago

Navigating to the Phishing Campaign Tab

To create a new phishing simulation campaign, follow these steps:

  1. Go to Dashboard > Phishing Campaigns in the navigation menu.

  2. Select Create New Campaign.

From here, you can choose one of two campaign types:

  • Recurring: Runs phishing simulations automatically at regular intervals to assess security posture over time.

  • One-Time: Launches a single phishing simulation for a specific employee group, ideal for targeted training or compliance testing.

Once you've selected a campaign type, you'll be guided through configuring your campaign settings, including scheduling, targeting, and reporting options.

Creating a New Phishing Campaign

Uploaded image

Once you've selected your campaign type, follow these steps to configure your campaign settings:

1. Assign Employees

Choose which employees will receive phishing simulations:

  • All employees: Includes everyone in the organization.

  • Only employees in selected segments: Targets specific departments, locations, etc.

  • Only selected employees: Manually pick individual employees.

2. Set Simulation Cadence

Define when and how often simulations will be sent:

  • Schedule the first send date and time.

  • Choose the message delivery method:

    • All at once

    • Throughout the day

    • Throughout the week

    • Throughout the next 2 weeks

    • Throughout the next month

  • (Recurring Only) Set repetition frequency (i.e., how often the simulation repeats). Choose between:

    • Weekly

    • Every 2 weeks

    • Monthly

    • Every 3 months

3. Preview Upcoming Simulations

The preview panel shows your scheduled phishing simulations, including the start and completion dates for the simulation cycle (or multiple if it's a recurring campaign).

Employees will receive one random phishing email per simulation cycle.

Recurring campaigns will continue running on the defined schedule until manually stopped.

Selecting Your Phishing Scenarios

After configuring your campaign cadence, the next step is to choose a phishing scenario, or multiple.

Uploaded image

1. Select a Scenario

Pick the type of phishing attack you want to simulate. Each scenario mimics real-world threats and tests employees’ ability to recognize phishing attempts.

  • Click Add Scenarios to browse available phish sims.

  • Select a scenario(s) that aligns with your organization's risk profile.


2. Enable Remediation Training (Optional)

If an employee fails the phishing sim (e.g., clicks a phishing link), they can be automatically enrolled in remediation training.

  • Toggle on Enroll in Remediation Training to activate this feature.

  • Select the appropriate training campaign.

    • Remediation training campaigns need to be made in advance as Triggered Training Campaigns based on Phish Failures.

  • Employees will be automatically enrolled in the training campaign upon failing a phish sim to reinforce phishing awareness.

    • Receive an email notification with details on their training assignment.

Once you've selected your phishing scenario and (optionally) enabled remediation training, you're ready to review and launch your campaign.

Reviewing and Launching Your Phishing Campaign

Uploaded image

Before launching, review all details of your phishing campaign to ensure everything is configured correctly.

1. Review Scenario Selection

Check the selected phishing scenarios under the campaign summary:

  • Confirm that the correct attack types are included (e.g., Vendor Impersonation, Voice Phishing).

  • Ensure the right number of scenarios are in place for a well-rounded simulation.

2. Confirm Remediation Training (If Enabled)

If remediation training is activated, verify the details:

  • Training campaign name (e.g., Email Phishing Remediation).

  • Training duration (e.g., 30 days to complete).

  • Estimated time to complete (e.g., ~7 min).

3. Validate Employee Enrollment

  • Confirm the number of employees enrolled in the campaign.

  • Click View employees list to verify if needed.

4. Check Cadence & Scheduling

Review the sending details:

  • Start date & time (e.g., Mar 4, 2:33 PM EST).

  • Send method (e.g., All at once or Throughout the week).

  • Repetition frequency (e.g., Monthly)

5. Launch the Campaign

Once all details look correct:

  • Click Launch to activate the phishing campaign.

  • Employees will begin receiving phishing simulations based on the configured schedule.

  • If remediation is enabled, employees who fail will automatically receive training.

After launching, monitor campaign performance and employee engagement through the Phishing Campaigns Dashboard.

Did this answer your question?