cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Microsoft Exchange Online Attack Simulator and Google Chrome

Jeff Harlow
Iron Contributor

‎Apr 10 2019 08:39 AM

‎Apr 10 2019 08:39 AM

Microsoft Exchange Online Attack Simulator and Google Chrome

Started messing around with the Attack Simulator feature in Exchange Online. Seems pretty sweet except when using Chrome, their landing pages get blocked by Google Chromes own Malware Screen Detection.   While we like to think all malware campaigns would get blocked, this does not seem to give a real world scenario results I would like to see (not every campaign will get blocked by Chrome).  Anyone know of a way to get around this for true corporate scan?  

 

2,552 Views
0 Likes
2 Replies
Reply
2 Replies
Andy Stout

‎Apr 24 2019 05:13 AM

‎Apr 24 2019 05:13 AM

Re: Microsoft Exchange Online Attack Simulator and Google Chrome

@Jeff Harlow 

We are running into the same issue.  Google's Safe Browsing feature detects all of Microsoft's attack simulator domains as malicious.  Microsoft really needs to get these whitelisted by Google.  I have a ticket open with Microsoft support regarding this issue and they don't seem to have an answer right now.

0 Likes
Reply
best response confirmed by Deleted
Jeff Harlow

‎Apr 24 2019 05:29 AM

‎Apr 24 2019 05:29 AM

Solution

Re: Microsoft Exchange Online Attack Simulator and Google Chrome

  Maybe you will have better luck. After going back and forth with Microsoft (*cough 3rd party support), they basically said they won’t fix the problem.  They claim it is "Out of our scope"; for me to "contact Google" and the issue was "rejected due to security constraints” They were unwilling to whitelist their OWN freaking domain.   It is absolutely nuts! but I am getting used to their support being very lacking these days.  When we first started using Office 365, it was great. But over the past year, it has been nothing but junk. 

 

That all being said. I did find a workaround. It is not stellar, but it will work.  We use Intune, so YMMV. Using Intune, I created the typical ADMX policies then I added a policy to install Windows Defender as an extension.  Afterwards, I added an additional policy to disable Google's "Safe Browsing".  In short, I am forcing Google to use Microsoft's defender instead of Google's in order to use Microsoft's sites for their attack simulator.  It is unbelievable that one has to do this as they were unwilling to whitelist their OWN domains. Heck, I even sent them the link to whitelist; which requires ownership verification. 

 

I understand that 1st contact can be handled by 3rd party support lines. But they should be able to escalate to an actual Microsoft engineer, once an issue has been determined to fall under those catagories; but I can attest, they simply wont or cannot.  I fear the day when dealing with Azure support becomes the same way.  At least my experience is Azure support at least seems to know or have the necessary information to support their platform.  Office 365 on the other hand, is no different than calling Comcast for support. :shrug: 

 

1 Like
Reply
1 best response

Accepted Solutions
best response confirmed by Deleted
Jeff Harlow

‎Apr 24 2019 05:29 AM

‎Apr 24 2019 05:29 AM

Solution

Re: Microsoft Exchange Online Attack Simulator and Google Chrome

  Maybe you will have better luck. After going back and forth with Microsoft (*cough 3rd party support), they basically said they won’t fix the problem.  They claim it is "Out of our scope"; for me to "contact Google" and the issue was "rejected due to security constraints” They were unwilling to whitelist their OWN freaking domain.   It is absolutely nuts! but I am getting used to their support being very lacking these days.  When we first started using Office 365, it was great. But over the past year, it has been nothing but junk. 

 

That all being said. I did find a workaround. It is not stellar, but it will work.  We use Intune, so YMMV. Using Intune, I created the typical ADMX policies then I added a policy to install Windows Defender as an extension.  Afterwards, I added an additional policy to disable Google's "Safe Browsing".  In short, I am forcing Google to use Microsoft's defender instead of Google's in order to use Microsoft's sites for their attack simulator.  It is unbelievable that one has to do this as they were unwilling to whitelist their OWN domains. Heck, I even sent them the link to whitelist; which requires ownership verification. 

 

I understand that 1st contact can be handled by 3rd party support lines. But they should be able to escalate to an actual Microsoft engineer, once an issue has been determined to fall under those catagories; but I can attest, they simply wont or cannot.  I fear the day when dealing with Azure support becomes the same way.  At least my experience is Azure support at least seems to know or have the necessary information to support their platform.  Office 365 on the other hand, is no different than calling Comcast for support. :shrug: 

 

View solution in original post

1 Like
Reply