I want to set up an internal phishing campaign for my organization while still using ConcealBrowse, how do I prepare for this to make it successful?
Conceal is always ready to help you prepare for a phishing campaign in your organization. We have some preliminary steps we suggest taking before going live.
- Before launching your phishing campaign you will want to add the sites and domains you're using to an allow policy in the Conceal dashboard in order to stop Conceal from isolating the site.
- You can do this by one or bulk upload via a .csv file. Below we will outline both methods as well as outlining single tenants and global policies for multiple tenants.
- An asterisk(*) is a wildcard symbol that stands for any amount of letters or characters in your URL. You can use these in your URL to capture all subdomains. If your policy is not working as intended, please try this method, CIDR notation doesn't always work.
- Example: The entry https://jukpmawry6/* will allow the site https://jukpmawry6/ and also any subdomains such as https://jukpmawry6/login/
Adding sites to an allow list (single tenant)
- Open your web browser and navigate to the Conceal Dashboard at https://dashboard.conceal.io - login if necessary.
- On the left-hand side go to the Policy section, or you can go to https://dashboard.conceal.io/policy
- Click the Add Website Policy button on the top right:
- Select the Bulk Upload tab.
- Click Download Sample File to see the expected format for uploading multiple sites to a policy. Below is a screenshot if the example. For this you will want to makes sure to type "allow" in the directive column. Save the file to upload.
- Upload the saved file to the Conceal dashboard by dragging and dropping into the space, or you can click in the space to open up your file finder and select the file.
- You should automatically see those policies appear as well as a notification.
- The window will default to the Add One tab upon opening. Type in the URL that you'd like to add to the allow policy. Remember to include asterisks to capture subdomains. Click Add Policy to save the changes.
Policies for multiple tenants:
Please refer to the Global policy settings through ConcealBrowse article for how to set policies to enforce across multiple tenants.
Please refer to the Navigating the Policy section of the ConcealBrowse Dashboard for more on auditing changes in the Policy section.
*Never hesitate to contact your Customer Success Manager for any questions or concerns. You may also open a support ticket at support.conceal.io by scrolling to the bottom and clicking Submit a request.
Was this article helpful?
Articles in this section
- Clear ConcealBrowse Extension Data on Windows
- ConcealBrowse extension interface walkthrough
- Disabling the Conceal overlay icon
- Does ConcealBrowse replace antivirus or EDR?
- Getting started with ConcealBrowse as an end user
- How do I find an extension ID?
- How do I know the latest version of ConcealBrowse?
- How do I prepare for an internal phishing campaign with ConcealBrowse?
- How do I reset my Conceal password?
- How does ConcealBrowse handle URL rewrites/redirects?