Skip to content

Create a campaign series

Start a new campaign series to test your users with attack simulations or enroll them in mandatory training.

You can choose the type of campaign series you want to use. Sophos Phish Threat includes templates for common attack types.

To create a series, do as follows:

  1. Go to My Products > Phish Threat > Campaigns. See Campaign overview.
  2. Click New Series.
  3. In Get Started, do as follows:

    1. Enter a campaign name.
    2. Choose what type of campaign series you want to set up.

      • Simulated attack series: This allows you to test targeted users with phishing, attachment, and credential harvesting campaigns.
      • Security training series: This allows you to enroll your users in a security training series.
    3. Choose the frequency of your campaign.

    4. Choose the language of your email and training materials.
    5. Click Next.

    Get Started page.

  4. In Series preferences, depending on the type of series that you chose, do one of the following:

    • Set up an attack series:

      1. Choose the type of attacks to send to your users. You can select a combination of the attack types.
      2. Choose the difficulty level of the simulation.
      3. Choose whether your users are enrolled in training after the simulation.

        By default, users are enrolled in training that matches the selected attacks.

      4. Click Next.

    • Set up a training series:

      1. Click a training course to review a synopsis.
      2. Click Choose this training to select a training course.


        You can select multiple training courses.

      3. Click Next.

    Series preferences page.

  5. In Enroll Users, do as follows:

    1. Choose which Users or Groups to send the campaign series to.


      You can't add users or groups with email addresses that use unverified domains. See Restrictions.

    2. (Optional) Turn on Auto-enroll new users to this series if you want to enroll new Sophos Central users in the series automatically. See Auto-enrollment.

    3. Click Next.

    Enroll users page.

  6. In Review & Schedule, do as follows:

    1. Review the series options and click Edit to make any changes.
    2. Schedule the series:

      • For a simulated attack series, set when the series ends.

        You can choose an end date or allow a series to continue until you cancel it. Any actions taken by users after the end date are not factored into the campaign results.

      • For a training series, set when the series starts.

    3. Click Done.

    Review & Schedule page.


You can only send simulated phishing emails to email addresses at domains you own. You must verify your domains with us before using them in Phish Threat campaigns.


If you're an Enterprise customer, you must add and verify your domains in each of your sub-estates.

  • When you select Enroll Users, and some users' email addresses use unverified domains, you'll see a warning message.
  • When you select Groups, and a group has a mix of verified and unverified domains in the email addresses, only the addresses with verified domains are added to the campaign. You'll see a warning message. You can verify the domains or continue with the addresses with verified domains.

Click Verify domains in the warning message to start verifying your domains. After verifying your domains, click Phish Threat to continue creating your campaign.

For more information on verifying domains, see Verify domains.