Adaptive allows you to adjust any existing scenario, generate a new one using AI OSINT, or build your own from scratch. This guide walks through using the scenario editor and explains how to go through each customization method.
General Guidance on Scenario Editor
The Scenario Editor shown below allows you to edit both the Phish Email and what happens when a user clicks the phishing link. Any scenario you customize will be saved in the Team Scenarios section of the Scenario Library.
Note: You can also customize the Phish Fail Page your organization uses. This is done in the Settings menu (as opposed to the scenario editor shown below).
Editing the Phish Email
Click Edit in the Phish Email section to open the email editor.
You can customize:
Subject – The email subject line recipients will see.
Sender name – The display name that appears in the “From” field.
Sender email, composed of:
Sender
Sub-domain – Optional and can be removed.
Domain – Select a domain from the dropdown. If DMI is enabled as your sending method, you may choose Custom Domain and type in any domain.
There are several formatting and layout tools available in the toolbar to customize the contents, structure, and appearance of the message body. Key tips:
Phishing Link: The area(s) pre-determined to be the phishing link will be highlighted in yellow (for example, the “Secure my 2FA” box in the screenshot). You can change the phishing link or add additional ones.
Merge Tags: Select the
icon to add macros that will dynamically update with user, company, or date information.HTML Source Code: Select the
icon to view and customize the HTML.Upload HTML/EML: Upload HTML or EML to recreate portions of, or entire, pre-existing emails.
After making updates, click Save Message.
Editing the Phishing Link Experience
Decide what happens when a user engages with the phishing link. The options are:
Link users to Fail Page: Shows users your selected fail page. Adaptive’s default fail page informs users that they fell for a simulation and helps them understand how to better identify phishing attempts in the future.
Link users to a Spoof Page: A more advanced simulation prompting users to take riskier actions (e.g., entering credentials). The fail page will still appear after the second risky action is taken.
You can configure this in the Phishing Link Experience section of the editor.
Duplicate and Edit Existing Scenarios
In the Scenario Library, click the three dots in the upper-right corner of any phishing simulation.
Click Duplicate
A window will appear where you can:
Name your duplicated scenario
Add notes
Choose a difficulty level
Click Create Scenario to proceed to the editor.
Once in the editor, follow the General Guidance on Editing above to update the Phish Email and Phishing Link Experience.
Generate a Custom Phishing Scenario Using OSINT
Use this feature to automatically build a realistic phishing scenario using publicly available information about your organization.
In the Scenario Library, navigate to New Scenario > Generate using OSINT.
Select the type of phishing scenario you want to create.
Click Generate Scenario.
Adaptive will gather relevant public information (e.g. terminology, organizational context) and produce a realistic phishing email.
After generation, you can:
Re-prompt the AI to adjust the overall persuasion or tone, or
Click Continue to Editing to proceed to the editor.
Once in the editor, follow the General Guidance on Editing above to update the Phish Email and Phishing Link Experience.
Create a Phishing Scenario from scratch
In the Scenario Library, Navigate to New Scenario > Email Phishing.
Set a Scenario Title.
Set the difficulty.
Select a vendor or internal/external user that will be sending this message.
Select an attack vector - the action you're looking for the employee to take that will count as a "fail".
Select Continue to o proceed to the editor.
Once in the editor, follow the General Guidance on Editing above to update the Phish Email and Phishing Link Experience.