Introducing Additional Dynamic Tags in Attack Simulation Training

Attack Simulation Training is an intelligent phish risk reduction tool that measures behavior change and automates the design and deployment of an integrated security awareness training program across an organization. Attack Simulation Training is available to customers with Microsoft Defender for Office 365 Plan 2, as well as Microsoft 365 E5 customers.

We are excited to announce the introduction of new dynamic tags in Attack Simulation Training. These tags can be leveraged across the product in phishing payloads, landing pages, and end-user notification experiences in a consistent, repeatable manner. Dynamic tags enable enterprises to run deeply customized simulation campaigns thereby producing better learning experiences and influencing behavior change.

For example, consider the following phishing message:

Hi,

Your manager has requested you to release the payment of $35000 to the contractor by end of day today. Click here to authorize the transaction.

<versus>

Hi Matt,

Your manager, Jim Turner has requested you to release the payment of $35000 to the contractor by end of day today i.e. 1/18/2022. Click here to authorize the transaction.

From the simple example above, it is clear that the second message offers a more compelling proposition to click and is more personalized to the end-user. The various attributes in the email such as “Matt” (FirstName), “Jim Turner” (Manager), “1/18/2022” (Date) are some examples of dynamic tags that can be used as part of phish simulations and related communications.

Dynamic tags when used will in turn be substituted with the contextual values that the user will see. The following new dynamic tags are now available across the payload creation, landing page, and end-user notification experiences:

• ${firstName} - Maps to the user’s first name attribute as defined in Azure AD
• ${lastName} - Maps to the user’s last name attribute as defined in Azure AD
• ${userName} - Maps to the user’s name attribute as defined in Azure AD, equivalent to display name
• ${emailAddress} - Maps to the user’s Email attribute as defined in Azure AD
• ${upn} - Maps to the user’s user principal name attribute as defined in Azure AD
• ${department} - Maps to the user’s department attribute as defined in Azure AD
• ${manager} - Maps to the user’s manager attribute as defined in Azure AD
• ${city} - Maps to the user’s city attribute as defined in Azure AD
• ${mobilePhone} - Maps to the user’s mobile phone attribute as defined in Azure AD
• ${date|MM/dd/yyyy|offset} – Maps to the date in the MM/dd/yyyy format. Note that:
  • Format is configurable as per the information mentioned at Custom date and time format strings.
  • "offset" is any numeric value representing number of days to be added or subtracted to current date.
  • Both format and offset are optional.
  • In case of invalid format or offset, current date will be shown in the default MM/dd/yyyy format.
  • Example: Let’s say today date is 29th March 2023

         ${date|MM/dd/yyyy|offset} -> today's date in MM/dd/yyyy format i.e 03/29/2023

         ${date|MM/dd/yyyy} -> today's date in MM/dd/yyyy format  i.e 03/29/2023

         ${date} -> today's date in MM/dd/yyyy  i.e 03/29/2023

         ${date|MM/dd/yyyy|1} -> tomorrow's date in MM/dd/yyyy format  i.e 03/30/2023

         ${date|dd-MM-yy|-1} -> yesterday's date in dd-MM-yy format. i.e 28-03-23

Existing dynamic tags that were relevant specifically either to the landing page or the end user notification experiences will be retained as-is.

You can leverage these dynamic tags by selecting them from the “Dynamic Tag” drop-down that is integrated with the Rich Text Editor (RTE) or by typing in the placeholders directly into the editor:

Tip: You can also leverage the built-in preview experiences as you design your content to understand how the dynamic tags would be rendered.  Sample preview experience of a landing page below with the dynamic tag rendered:

We hope you find these updates useful as you continue your journey of end-user education and behavior change. If you have any comments or feedback, do let us know!

Want to learn more about Attack Simulation Training?

Get started with the available documentation today and check out the blogs for Setting up a New Phish Simulation Program-Part One and Part Two. In addition to these, you can read more details about new features in Attack Simulation Training.