cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Third-party phishing simulation configuration not working?

Guilguil
Copper Contributor

‎Apr 13 2023 06:59 AM - edited ‎Apr 13 2023 07:03 AM

‎Apr 13 2023 06:59 AM - edited ‎Apr 13 2023 07:03 AM

Third-party phishing simulation configuration not working?

Hello,

 

I'm trying to set up the whitelist for a phishing simulation using a third-party service and have followed this : https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/skip-filtering-phishing...

The sending domain, IP, and phishing URLs are configured properly.

 

In the Explorer, when I look at the email, the "Primary Override : Source" does say "Allowed by organization policy : Phishing Simulation", and the URL are flagged as "Threat: Spam" but also have "Details:

URL allowed by tenant policy" which seems normal.
I have also added the URLs to the Safe Links configuration.
However, whenever I click on the link in the emails, I get blocked by the Safe Links protection. How come both the Phishing simulation and the Safe Links whitelisting do not prevent that URL from being scanned and blocked? Have I missed something?
 
To clarify, what I want is for my phishing simulation emails (and the URLs included) not to get scanned, filtered or replaced at all.
Thanks
1,298 Views
0 Likes
3 Replies
Reply
3 Replies
tbhellaz

‎Feb 05 2024 02:09 AM

‎Feb 05 2024 02:09 AM

Re: Third-party phishing simulation configuration not working?

@Guilguil Any solution here?

We are in the same situation right now.

 

I can add Domains and IPs and also click "save" but after that, it doesnt add anything.

0 Likes
Reply
keenanbrooks

‎Feb 05 2024 02:56 AM - edited ‎Feb 05 2024 05:04 AM

‎Feb 05 2024 02:56 AM - edited ‎Feb 05 2024 05:04 AM

Re: Third-party phishing simulation configuration not working?

Hi @tbhellaz 

So it sounds like the email is getting through but the link is still triggering Windows Smartscreen via safelinks. Could you try going to security.microsoft.com > Settings > Endpoints. Within here you will see "Indicators" under the rule menu. Here you will see an option of "URLs/Domains" in which you will add your domain with the "Allow" action. This sync can take a while in my experience, clear cookies a few times and see if this helps.

0 Likes
Reply
tbhellaz

‎Feb 05 2024 05:13 AM

‎Feb 05 2024 05:13 AM

Re: Third-party phishing simulation configuration not working?

@keenanbrooks Hi, thanks for answereing.

No, thats not what happening.

 

What i want to do is use the third party phising simulation config.

I an trying to add domains and ips. I can add them in the setup but when i click save it doesnt save anything.

 

Cant describe it much better, its the same problem the TE has.

 

0 Likes
Reply