Anti-phishing campaign
      Back to home
      1. Knowledge base
      2. Stoïk Protect
      3. Anti-phishing campaign

      How to activate, modify, or pause the phishing simulation?

      Activate the phishing simulation

      To install the phishing simulation, the user must be admin of Stoïk Protect and administrator of the insured company's email box – a role typically handled by the IT manager.

       

      To check if the user is an admin on Stoïk Protect, click on "Settings" and then "Access and Notifications."

       

      The installation of the phishing simulation tool can be done in 5 steps:

      1. On Stoïk Protect, go to the "Phishing" tab and then "Activate the phishing simulation";
      2. Synchronize the email addresses of your collaborators:
        • If your email service is Google or Microsoft, click on "Continue with Google" or "Continue with Microsoft": email address synchronization is automatic.
        • Otherwise, click on "Continue with manual import." In this case, remember to remove employees who have left your company and add those who have joined to ensure the effectiveness of the phishing simulation.
      3. Choose an email template. If you used automatic synchronization with Google or Microsoft, the email template corresponding to your email service is selected by default.
      4. Select the collaborators who will receive the fake phishing emails.
      5. Schedule the timing: weekly, monthly, or quarterly. Quarterly sending is enabled by default.

      Once the tool is configured, fake phishing emails are sent continuously, without the need for any action on your part. Your teammates falling for one of our fake phishing emails will be redirected to our phishing awareness module.

       

      Automatic synchronization with Google

      If you encounter the error message "Error 400: admin_policy_enforced," follow these steps:

      1. Log in to the Google Workspace Admin Console;
      2. Go to "Security" > "Access" > "API" > "Manage Google Services";
      3. In the list of Google Services, look for "Google Workspace" and select "Edit Access";
      4. Select "Unrestricted": any user-approved application can access a service to enable API access.

       

      Modify the ongoing phishing simulation

      • Add new email templates:
      1. On Stoïk Protect, go to the "Phishing" tab and then "Templates";
      2. All available templates (Google Workspace, Microsoft, Zoom, etc.) are displayed in cards:
        • When the "Enabled" button is blue, it means the template is already used in your simulation.
        • When the "Enabled" button is grey, it means the template is not yet used: click on it to activate.

      Click on the "Preview" button of one of the cards to preview one of the fake phishing emails. Note: you can only preview one email, but each template includes several emails – for example, the Google Workspace template has 17 different emails.

      • Modify the sending frequency:
      1. On Stoïk Protect, go to the "Phishing" tab and then "Settings";
      2. Select the timing: weekly, monthly, or quarterly. If you choose weekly, each collaborator will receive one email per week.

      Pause the phishing simulation

      Here are the steps to follow if you want to pause the fake phishing emails sent to your collaborators by Stoïk:

      1. On Stoïk Protect, go to the "Phishing" tab and then "Settings";
      2. Disable the phishing simulation in the "Configuration" section.

      If you want to permanently stop the phishing simulation, click on the "Unsynchronize" button in the "Configuration" section, from the "Settings" tab.

      Note: The email addresses of your collaborators will be removed from your Stoïk Space, and the phishing simulation will be permanently stopped.