Forum Discussion
Attack Simulation Phishing Tool - IP whitelist
I'm trying to find IP's or domains to whitelist when using the Attack Simulation Phishing Tool. We currently use proofpoint but are planning to move into O365/Exchange online. Would a whitelist for M...
Thanks for the response. I may have been unclear in my original message. What I'm looking for is the IP's that the emails will be originating from, not the URL's in the payload/simulation. If our security tools flag the emails from the microsoft attack simulation phishing tool as malicious, I'd like to whitelist the IP's that the emails originate from.
There won't be any source IP addresses. The simulated phishes are written directly into the recipient mailboxes. There is no conventional delivery process.
For numerous reasons, you should run a preliminary test just phishing yourself or a very small number of trustworthy colleagues. This will allow you to confirm that the delivery is indeed "invisible". You can also check that your landing zone and notifications work correctly, that your payload URLs are not suddenly blocked and that any remedial training you may have specified is presented correctly.
For numerous reasons, you should run a preliminary test just phishing yourself or a very small number of trustworthy colleagues. This will allow you to confirm that the delivery is indeed "invisible". You can also check that your landing zone and notifications work correctly, that your payload URLs are not suddenly blocked and that any remedial training you may have specified is presented correctly.
- Ok great, yes we have run successful preliminary phishing tests. I figured this was going to be some sort of direct delivery vs a "traditional" phishing tool that sends from mail servers outside of the network. Thanks for the info.
By chance is there any documentation that gets into the weeds on how the phishing tool orchestrates these tasks (white papers etc?). Thanks again.