Microsoft Attack Simulator Links not showing

%3CLINGO-SUB%20id%3D%22%5C%26quot%3Blingo-sub-3035711%5C%26quot%3B%22%20slang%3D%22%5C%26quot%3Ben-US%5C%26quot%3B%22%3EMicrosoft%20Attack%20Simulator%20Links%20not%20showing%26lt%3B%5C%2Flingo-sub%26gt%3B%3CLINGO-BODY%20id%3D%22%5C%26quot%3Blingo-body-3035711%5C%26quot%3B%22%20slang%3D%22%5C%26quot%3Ben-US%5C%26quot%3B%22%3E%3CP%3EHi%2C%26lt%3B%5C%2FP%26gt%3B%3C%2FP%3E%3CP%3EI%20have%20run%20a%20lot%20of%20simulated%20phishing%20attacks%20over%20the%20past%206%20months%20without%20issue%2C%20but%20recently%20when%20ever%20I%20run%20one%2C%20the%20link%20that%20should%20point%20the%20user%20to%20Training%20no%20longer%20shows%20after%20the%20user%20compromises%20themselves%3F%26lt%3B%5C%2FP%26gt%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%26lt%3B%5C%2FP%26gt%3B%3C%2FP%3E%3CP%3EWhat%20should%20happen%2C%20is%20when%20the%20user%20gets%20the%20email%20and%20they%20click%20on%20the%20link%20(this%20is%20for%20a%20Drive-by%20URL%20simulation)%20they%20should%20be%20re-directed%20to%20an%20official%20MS%20page%20saying%2C%20'You've%20been%20phished%20by%20your%20security%20team...'%20as%20well%20as%20a%20link%20to%20the%20training%2C%3CSPAN%3E%26nbsp%3B%26lt%3B%5C%2FSPAN%26gt%3B%3CA%20href%3D%22%5C%26quot%3Bhttps%3A%2F%2Fimgur.com%2Fa%2FygASIra%5C%26quot%3B%22%20target%3D%22%5C%26quot%3B_self%5C%26quot%3B%22%20rel%3D%22%5C%26quot%3Bnofollow%20nofollow%20noopener%20noreferrer%22%20noopener%3D%22%22%20noreferrer%3D%22%22%3EGo%20To%20Training%26lt%3B%5C%2FA%26gt%3B%3CSPAN%3E%26nbsp%3B(screen%20shot%20taken%20from%20Preview%20view%20prior%20to%20sending%20campaign%2C%20as%20it%20no%20longer%20shows%20when%20sent%20to%20users)%26nbsp%3B%26lt%3B%5C%2FSPAN%26gt%3Bwhich%20is%20now%20missing.%20When%20the%20user%20gets%20the%20email%20and%20clicks%20on%20the%20link%2C%20they%20get%20directed%20to%20the%20normal%20page%20saying%20that%20they%20have%20been%20phished%20etc%2C%20but%20the%20link%20at%20the%20bottom%20with%20the%20link%20that%20will%20take%20them%20to%20their%20training%2C%20shows%20for%20a%20fraction%20of%20a%20second%2C%20and%20the%20disappears.%26lt%3B%5C%2FP%26gt%3B%3C%2FSPAN%3E%3C%2FA%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%26lt%3B%5C%2FP%26gt%3B%3C%2FP%3E%3CP%3EI%20have%20tested%20this%20in%20Edge%2C%20Chrome%20and%20Firefox%20and%20the%20issue%20is%20the%20same.%26lt%3B%5C%2FP%26gt%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%26lt%3B%5C%2FP%26gt%3B%3C%2FP%3E%3CP%3EFor%20training%2C%20I%20chose%20to%20point%20them%20to%20the%20Mass%20Marketing%20Phishing%20training%20videos%2C%20but%20have%20noticed%20that%20the%20button%20for%3CSPAN%3E%26nbsp%3B%26lt%3B%5C%2FSPAN%26gt%3B%3CA%20href%3D%22%5C%26quot%3Bhttps%3A%2F%2Fimgur.com%2Fa%2FnhSjdl3%5C%26quot%3B%22%20target%3D%22%5C%26quot%3B_blank%5C%26quot%3B%22%20rel%3D%22%5C%26quot%3Bnoopener%20nofollow%20noopener%20noreferrer%22%20nofollow%3D%22%22%20noreferrer%3D%22%22%3EClicked%20Payload%26lt%3B%5C%2FA%26gt%3B%3CSPAN%3E%26nbsp%3B%26lt%3B%5C%2FSPAN%26gt%3Bis%20grayed%20out%2C%20which%20was%20always%20previously%20available.%26lt%3B%5C%2FP%26gt%3B%3C%2FSPAN%3E%3C%2FA%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%26lt%3B%5C%2FP%26gt%3B%3C%2FP%3E%3CP%3EAnyone%20else%20able%20to%20test%20this%20to%20see%20if%20the%20issue%20is%20the%20same%3F%26lt%3B%5C%2FP%26gt%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%26lt%3B%5C%2FP%26gt%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3E%5BUpdate%5D%26lt%3B%5C%2FSTRONG%26gt%3B%20I%20have%20also%20tried%20this%20in%20my%20own%20Azure%20lab%20environment%26nbsp%3B%20at%20home%20and%20see%20the%20same%20issues.%26lt%3B%5C%2FP%26gt%3B%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%26lt%3B%5C%2FP%26gt%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3E%5BUpdate%202%5D%26lt%3B%5C%2FSTRONG%26gt%3B%20This%20seems%20to%20effect%20Drive-by%20URL%20Simulations%20as%20simulations%20for%20Credential%20Harvesting%20seem%20to%20work%20as%20expected.%26lt%3B%5C%2FP%26gt%3B%26lt%3B%5C%2Flingo-body%26gt%3B%3C%2FSTRONG%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3C%2FLINGO-SUB%3E
New Contributor

Hi,

I have run a lot of simulated phishing attacks over the past 6 months without issue, but recently when ever I run one, the link that should point the user to Training no longer shows after the user compromises themselves?

 

What should happen, is when the user gets the email and they click on the link (this is for a Drive-by URL simulation) they should be re-directed to an official MS page saying, 'You've been phished by your security team...' as well as a link to the training, Go To Training (screen shot taken from Preview view prior to sending campaign, as it no longer shows when sent to users) which is now missing. When the user gets the email and clicks on the link, they get directed to the normal page saying that they have been phished etc, but the link at the bottom with the link that will take them to their training, shows for a fraction of a second, and the disappears.

 

I have tested this in Edge, Chrome and Firefox and the issue is the same.

 

For training, I chose to point them to the Mass Marketing Phishing training videos, but have noticed that the button for Clicked Payload is grayed out, which was always previously available.

 

Anyone else able to test this to see if the issue is the same?

 

[Update] I have also tried this in my own Azure lab environment  at home and see the same issues.

 

[Update 2] This seems to effect Drive-by URL Simulations as simulations for Credential Harvesting seem to work as expected.

0 Replies