Recipient Management
Recipients Overview
Recipients are the target users for your phishing simulation campaigns. These individuals represent your organization's user base and are the focus of your security awareness training. Each recipient profile contains demographic and organizational information that can be used to personalize campaign content and track individual susceptibility patterns.
Important: Recipients must be organized into groups before they can be included in campaigns. This group-based approach enables targeting and campaign management across different organizational segments.
The recipients page displays all registered users along with their detailed information,
including organizational data and security awareness metrics. Recipients flagged as
Repeat Offenders are clearly marked for targeted follow-up training.
Personalization: All recipient profile fields can be used as variables in email templates and phishing pages, enabling highly personalized and realistic simulation scenarios.
Individual Recipient Analytics
Each recipient's dedicated page provides analytics and behavioral insights, enabling targeted security awareness training and follow-up strategies. This view helps security teams identify high-risk individuals and track improvement over time.
Use the Export Events button to download data including recipient profile information
and interaction history for reporting and analysis purposes.
Performance Metrics Dashboard
The metrics cards provide visibility into each recipient's security awareness performance and susceptibility patterns across all campaigns:
| Metric | Description |
|---|---|
| Total Campaigns | Number of phishing simulations this recipient has participated in |
| Emails Opened | Unique email opens tracked via embedded tracking pixels |
| Initial Link Clicks | First-time clicks on phishing links per campaign, indicating susceptibility to social engineering |
| Data Submissions | Number of campaigns where recipient submitted personal information through phishing forms |
| Repeat Offenses (Links) | Pattern of clicking phishing links across multiple campaigns, indicating vulnerability to social engineering attacks |
| Repeat Offenses (Data) | Pattern of submitting sensitive information across multiple campaigns, showing high-risk behavior requiring attention |
Creating Individual Recipients
Individual recipient creation allows you to manually add users to your phishing simulation database with organizational and contact information. This method is ideal for small teams or when you need control over recipient data and personalization variables.
Recipient Profile Fields
Each field serves as a personalization variable for email templates and landing pages, enabling targeted and realistic phishing simulations:
| Field | Description and Usage |
|---|---|
| Email Address | Primary email address for campaign delivery and unique recipient identification |
| First Name | Given name for personalized email greetings and content (e.g., "Alice") |
| Last Name | Family name for formal communications and full name references (e.g., "Anderson") |
| Phone Number | Contact number for multi-channel simulations and identity verification scenarios |
| Extra Identifier | Additional unique identifier such as employee ID, username, or badge number for enhanced personalization |
| Job Position | Professional title or role for targeted campaigns based on organizational hierarchy and responsibilities |
| Department | Organizational unit for department-specific campaigns and targeted security awareness training |
| City/Location | Geographic location for regional campaigns and location-specific social engineering |
| Country | National location for international organizations and compliance requirements |
| Additional Notes | Custom field for special considerations, training status, or other relevant information |
Privacy Recommendation: Follow data minimization principles by collecting only the information necessary for your specific campaign objectives. For basic campaigns, an email address may be sufficient for simulation delivery.
Bulk Import from CSV
CSV import functionality enables bulk addition of recipients from existing databases, HR systems, or directory services. This method is useful for large organizations needing to populate their phishing simulation database with hundreds or thousands of users.
CSV File Format Requirements
Your CSV file must include a header row with column names matching the recipient profile fields. The system maps columns to recipient attributes based on these headers.
Here's an example of a properly formatted CSV file:
Email,Phone,ExtraIdentifier,FirstName,LastName,Position,Department,City,Country,Misc "[email protected]","+1-555-0191","EMP001","Marcus","Jenkins","Solutions Architect","Engineering","Portland","USA","Kubernetes Expert" "[email protected]","+7-916-555-0847","EMP002","Elena","Popov","Data Scientist","Analytics","Moscow","Russia","ML Specialist" "[email protected]","+91-555-8273","EMP003","Raj","Patel","DevOps Engineer","Operations","Mumbai","India","Docker Certified" "[email protected]","+47-555-9182","EMP004","Hannah","Berg","Product Owner","Product","Oslo","Norway","Agile Coach"
Flexible Column Ordering: The header columns can be arranged in any order as long as the column names match the expected recipient field names. This allows you to use existing data exports without reformatting.
Data Processing: The import process validates email addresses, removes duplicates, and provides feedback on any data quality issues encountered during the import process.
Recipient Groups Management
Recipient groups serve as the organizational foundation for campaign targeting, allowing you to segment users based on departments, locations, risk levels, or any other organizational criteria. This group-based approach enables campaign targeting and management of large user populations across different organizational segments.
Click on any group name to access group management functions, including member administration, group statistics, and campaign history. Each group page provides tools for managing group membership and analyzing group-specific security awareness metrics.
Group Management Dashboard
The group management dashboard provides tools for administering group membership, analyzing group performance, and managing recipient assignments. This interface enables administration of large user populations and targeted campaign planning.
Member Management Options
The group dashboard offers methods for managing group membership to accommodate different organizational workflows and data sources:
- Manual Addition: Click
Add Recipientsto select and add existing recipients to the group using the search interface - Bulk Import: Click
Import from CSVto perform large-scale member additions from external data sources - Auto-Creation: The import process creates new recipient profiles for users who don't exist in the system
Adding Individual Recipients to Groups
The individual recipient addition interface provides control over group membership by allowing you to search and select existing recipients from your database. This method is ideal for small adjustments to group composition or when adding specific targets to campaigns.
Use the Recipients search field to find users by typing their name, email address,
or other identifying information. The auto-complete functionality helps locate specific individuals
from large recipient databases.
Group-Specific CSV Import
Group-specific CSV import enables bulk addition of recipients directly to specific groups while creating new recipient profiles as needed. This workflow is useful for onboarding new departments or organizational units into your security awareness program.
Import Process and Benefits
- Profile Creation: Recipients who don't exist in the system are created during the import process
- Group Assignment: All imported recipients are added to the target group
- Data Validation: The system validates email addresses and profile data during import
- Duplicate Handling: Existing recipients are updated with new information and added to the group if not already members
CSV File Format
Use the same CSV format as global recipient import:
Email,Phone,ExtraIdentifier,FirstName,LastName,Position,Department,City,Country,Misc "[email protected]","+1-555-0191","EMP001","Marcus","Jenkins","Solutions Architect","Engineering","Portland","USA","Kubernetes Expert" "[email protected]","+7-916-555-0847","EMP002","Elena","Popov","Data Scientist","Analytics","Moscow","Russia","ML Specialist" "[email protected]","+91-555-8273","EMP003","Raj","Patel","DevOps Engineer","Operations","Mumbai","India","Docker Certified" "[email protected]","+47-555-9182","EMP004","Hannah","Berg","Product Owner","Product","Oslo","Norway","Agile Coach"
Flexible Headers: Column headers can be arranged in any order, providing compatibility with existing organizational data exports and HR system formats.
Creating Recipient Groups
Group creation establishes the organizational framework for your phishing simulation campaigns. Group design enables targeted campaigns based on job functions, security clearance levels, geographic locations, or risk assessments for your security awareness training program.
Group Creation Process
Begin by providing a name that identifies the group's purpose and target audience. Consider using naming conventions that reflect organizational structure, such as:
- Department-based: "Finance Team", "IT Department", "Sales Division"
- Location-based: "New York Office", "Remote Workers", "European Branch"
- Role-based: "Executives", "Administrators", "End Users"
- Risk-based: "High-Risk Users", "Privileged Access", "External Contractors"
Post-Creation Management
After creating a group, access management functions by clicking the group name or selecting
View from the actions menu. This opens the group dashboard where you can:
- Add and remove individual recipients
- Perform bulk member imports via CSV
- View group campaign history and performance metrics
- Configure group campaign settings and preferences