Blog Post

Security, Compliance, and Identity Blog
3 MIN READ

Customize login pages in Attack Simulation Training

Richa_Sharma's avatar
Richa_Sharma
Icon for Microsoft rankMicrosoft
Jun 02, 2022

Attack Simulation Training is an intelligent phish risk reduction tool that measures behavior change and automates deployment of an integrated security awareness training program across an organization. It is available with Microsoft 365 E5 or Microsoft Defender for Office 365 P2 plan. As per the previous experience, users were directed to the Microsoft curated credential harvest login page when they fell prey to a Credential Harvest or a Link in Attachment phishing technique but as part of new experience, admin can now customize login page as per the theme of the payload. For example, a LinkedIn themed payload can be mapped with a LinkedIn login page.

We’re pleased to announce that these can now be and customized. Microsoft curated login pages will be available in 12+ languages whereas tenant login page can be created in a language of your choice.

 

How to create or access login page?

It is provided under Simulations Content Library->Login Pages which will be used to create, edit, copy, and delete login pages. Login pages are either Microsoft curated or customized by a customer.

  1. Microsoft curated login page

You can also load these login pages while creating custom login pages as a template to avoid creating it from scratch.

Below are the four Microsoft curated login pages:

  1. Microsoft login page
  2. LinkedIn Login page
  3. GitHub Login page
  4. Non-branded login page

Image 1: Microsoft curated GitHub login page

 

  1. Custom login page created by a customer (Tenant)

Enables you to tailor the login page to your requirements in 12 languages. For example, include your own branding, next button, compromise button, messaging, HTML code, and more.

Login page can also be customized to create a data collection page like name, address or other information from the end user as per the need. No data is collected by this product once the user submits this information on the login page.

  1. Select a language: Allows you to configure login page in 12 different languages
  2. Mark this the default login This default login page will be mapped to the payloads while creating a simulation.
  3. Create a two-page login: Allows you to create a two-page login page as opposed to one page login
  4. The “code” tab that comes along with the rich text editor can be leveraged for additional sophisticated design requirements using html code.
  5. Dynamic tag: Allows you to choose the users first name, last name, upn, email address date, training count, training due date, training duration, training details and payload. You can prefill the email address of the end user using dynamic tag in the login page. This will display respective users email address in the Email input field.
  6. Use from Default: Allows you to choose four different Microsoft default login pages with predefined formatting and make additional modifications as necessary.
  7. Add compromise button: Allows you to define or add a compromise button for the end user in the login page. Clicking on this button will trigger the compromise action. In case of two-page login, there will be an option to add next button on the first page and compromise button on the second page.
  8. Company Logo/images: The image embedded in the HTML code is base 64 encoded in RTE.
  9. Body: Allows you to create content/text of your choice.
  10. Preview login page: Allows the admin to preview the login page to validate the changes made in the login page.

 

Image 2: Configure custom login page

 

How to use login page in simulations?

Login page is added to the select payload wizard which is renamed as ‘Select payload and login page’. It allows admin to choose from Microsoft defaults or customized login pages from the Login page tab on the preview page. All the payloads are mapped to the Microsoft default login page initially until admin chooses to map a different login page with the payload.

No credentials are saved in the product when the user submits the credentials in the login page.

 

Image 3: Select login page in a simulation

 

We hope you enjoy using the custom login page in a simulation. Looking forward to your experience and feedback!

 

Want to learn more about Attack Simulation Training?

Get started with the available documentation today and checkout the blogs for Setting up a New Phish Simulation Program-Part One and Part Two. In addition to these, you can read more details about new features in Attack Simulation Training.

 

Updated Jun 02, 2022
Version 1.0
  • tkatsapas's avatar
    tkatsapas
    Copper Contributor

    How on earth are we meant to change the background image on the custom logon page in Attack Simulator?
    I have tried everything and cannot seem to change the background.
    Please can you help guide me. I feel it should be easier than it is....

    I managed to resolve this. You need to edit the code, and put the background-image value as the same aadcdn value as what you see at the actual logon page.
    So once you load your login.microsoftonline.com and type your username, once you redirect, just use F12 dev tools, inspect the URL for the background, and then edit the Logon Page, select Code, and change the background-image URL value. Voila!

  • Jason Rusnak's avatar
    Jason Rusnak
    Copper Contributor

    tkatsapas - Care to elaborate a bit more on finding the value needed on the actual logon page? I'm struggling to find it using the dev tools.

     

    Thanks!

  • vuca_1's avatar
    vuca_1
    Copper Contributor

    Is Microsoft Attack Simulator even being updated/worked on? Last update came more than 2 years ago and even some of the old features are broken. Would like to hear from Microsoft what the plans for the product are as it's lagging behind.