Training done your way.

PhishingBox allows companies to create their own phishing template using our Phishing Template Editor.

Intuitive Template Editor

Our Phishing Template Editor still provides many tools to assist you in customizing templates to fit your needs. We also have numerous phishing templates instantly ready for you to start testing your employees.

  • Easy to use
  • Editable pre-made templates
  • HTML5, CSS3, JavaScript, and Bootstrap compatible
  • Language localization (coming soon)
Template Editor

Using Familiar Technologies

If you are familiar with HTML, CSS, and Bootstrap, you can take your template customization even further. The sky is the limit when it comes to how you test your employees.


The Hook

An effective phishing campaign begins with a well-crafted email to lure in your target. Receiving an email from an unknown or suspicious looking email address usually raises a red flag, so you want to make sure your email looks as legitimate as possible. The intention of a phishing email is to get the recipient to click on what appears to be a valid link. An email is usually the starting point of all phishing scams and it is also the easiest to fake and produce. People often overlook the sender’s address and delve straight into the content.

What's at Stake?

Most legitimate financial services, utilities companies, and other businesses will never ask you to provide personal information directly via email. So the key is to make the email experience realistic with a sense of urgency. Genuine websites will never ask for your private information through email. This is a rule you should always remember. Even if the information they are requesting seems harmless, be wary of giving away any details. They could be used to provide the sender with other clues to gain access, such as the answer to a security question.

The Human Risk

The sheer number of emails zipping around cyberspace guarantees that your employees will receive phishing emails. Analysts from the Anti-Phishing Working Group (APWG) recorded 1,097,811 total phishing attacks in the second quarter of 2022 alone, a new record and the worst quarter for phishing APWG has ever observed. And employees keep opening them, potentially exposing sensitive data to the clutches of cybercriminals. Assess your company’s organizational culture and then deploy anti-phishing as part of a comprehensive program of security behavior management and education. The best results come from using simulated phishing campaigns as a means to find members of your organization who need training the most.

What makes up a phishing template?

Phishing Email

The phishing email is the lure of your PhishingBox template. The PhishingBox Template Editor allows for you to dress the email to your liking to reel in targets. Each of our templates contains a phishing hook that will pull an unsuspecting target to your customized phishing landing page.

Phishing Landing Page

Creating a landing page is just as important as creating a phishing email. The landing page is what employees see if they click on the link in the email or fill out the data entry form and is intended to be both a “gotcha” as well as an incentive for them to learn more.

Phishing Training Page

Simulated attacks can help convince users to take training. Our results have shown that users who fall for more sophisticated emails are 90% more likely to complete follow-up education, which is critical for long-term behavior change.

Template Editor