Preview upcoming Autopilot campaigns
Use Campaign Previews to see what Autopilot will send next — the email screenshot, educational context, training video, and the safelist IPs your IT team must allowlist.
Campaign Previews is a read-only window into the phishing simulations Autopilot has lined up for your organization. It shows you the next scheduled send — the actual email your users will see, the red flags and triggers that make it convincing, an optional training video, and the sending IPs your IT team needs to allowlist. You open it when you want to know what's coming before it lands, brief your help desk, or hand IT the safelist details ahead of launch.
This page is read-only
Campaign Previews is a transparency window, not an approval queue. There is no approve, reject, edit, reschedule, or cancel action anywhere on this page. Autopilot runs on its own schedule — previews only let you see what it will send. To change what Autopilot does, adjust your settings in Understand and set up Autopilot.
Before you start
Prerequisites
- You're signed in to Hook as an org admin, with the right organization selected in the org switcher if you manage more than one. The list refreshes automatically when you switch orgs.
- Autopilot (Campaign of the Month) is enabled for the selected organization. If it isn't, the page shows a "Campaign Preview Unavailable" message instead of any campaigns — see Common pitfalls.
Open Campaign Previews
From the org portal, go to Autopilot → Campaign Previews
(/org/autopilot/previews). The page header reads Campaign
Previews, with the subtitle Upcoming and completed phishing
simulation campaigns for your organization.
What you see here is deliberately limited: the customer view surfaces only Scheduled (upcoming) and Completed (past) campaigns. Any other status — for example in-progress or failed jobs — is filtered out, so the list stays focused on what's coming next and what already ran.

Find a campaign
Scan the list
Campaigns are sorted newest-first by scheduled date. Each row shows:
- A status badge — Scheduled (upcoming) or Completed (past).
- The campaign name.
- The month and year, followed by the scheduled date.
- The theme (on wider screens), if one is set.
Search by name or theme
Type into the Search campaigns… box to filter the list. Search matches the campaign name and the theme — nothing else. Clear the box with the X to return to the full list. If nothing matches, Hook shows a "No campaigns match" empty state prompting you to adjust your search.
Open the detail card
Click any row to open its preview detail at
/org/autopilot/previews/<id>. This is where the full email
screenshot, educational context, and safelist live.
Read the preview detail
The detail card is the heart of the page. From top to bottom it gives you everything you need to know about a single simulation.
Header and schedule
The card title is the campaign name, with the month and year beneath it and the status badge on the right. A calendar line restates the full Scheduled for date (for example, Scheduled for July 14, 2026). If the campaign has a description, it appears just above the schedule line.
Email template screenshot
Under Email Template, you'll see the template name and a rendered screenshot of the phishing email exactly as your users will receive it. This is the single best way to know what's landing in inboxes before it does — useful for briefing your help desk or leadership.

What to Look For
The What to Look For section is the educational context Hook attaches to the simulation. It appears only when at least one of these is present:
- Theme — the social-engineering angle (for example, a fake invoice or a password-reset lure).
- Red Flags — the tell-tale signs a careful reader should catch, listed with warning icons.
- Triggers — the psychological pressure tactics the email leans on, shown as tags.
Use this section when you want to explain why a simulation works, not just what it looks like.
Training video
If the campaign has an associated lesson, a Training Video section shows a Watch training video link that opens in a new tab. This section is hidden entirely when no video is attached, so don't expect it on every preview.
Hand IT the safelist details
Every preview detail card ends with a Safelist Information card. This is the part you forward to your IT or security team, because if they don't act on it, your simulation emails get blocked before they ever reach a user.
The card lists 8 PhishingBox sending IP addresses — the infrastructure Hook uses to deliver every simulation, both Autopilot and manual campaigns:
64.191.166.196
64.191.166.197
64.191.166.198
198.61.254.6
54.80.160.189
54.88.246.212
54.240.70.101
54.240.70.102Click Copy all to copy the full list to your clipboard, ready to paste into a ticket or your gateway's allowlist. The button confirms with a "Copied" state and a toast. IT should allowlist these IPs in your email gateway and firewall before the campaign launches.
Sender domains aren't listed here
The Safelist card intentionally shows only IPs. Sending domains are set per-template (derived from each template's sender address) and are surfaced separately in the manual campaign wizard — not on this page. If your gateway filters by domain as well as IP, see Safelist Hook sending domains and IPs for the complete allowlisting guide.

Common pitfalls
- "Campaign Preview Unavailable" instead of campaigns. This isn't an error or a broken page — it means Autopilot (Campaign of the Month) isn't enabled for the organization you have selected. Turn it on from Understand and set up Autopilot, or switch to an org that has it enabled. You'll see a similar "Campaign Unavailable" message on a detail page if you open a campaign that isn't visible to the customer view.
- You can't change anything here. There's no edit, approve, or reschedule control. Previews reflect Autopilot's decisions; change the program in Autopilot settings, not on this page.
- In-progress and failed jobs don't appear. The customer view only ever shows Scheduled and Completed campaigns, so a gap in the list doesn't mean something went wrong — it means that job isn't in a status meant for this view.
- The safelist lists IPs only. If a simulation still gets blocked after allowlisting these IPs, the cause is usually a domain-level filter. Pull the per-template sender domain from the campaign wizard and add it too.
Related
Understand and set up Autopilot
Turn Autopilot on, choose frequency and audience, and control what these previews reflect.
Safelist Hook sending domains and IPs
The complete allowlisting guide, including per-template sending domains the preview omits.
Run a phishing campaign
Launch a one-off simulation by hand with the four-step campaign wizard.
Understand and configure Autopilot
Learn what Phishing Autopilot does, read the Autopilot overview, and tune frequency, schedule, recipients, skip-next-cycle, and notification contacts when self-management is granted.
Browse the reports catalog
Navigate the Reports hub — the four report categories, how to filter, and which report answers which question — then jump to the one you need.