Attack Simulation Training - external tag
I am testing the Attack Simulation Training. I noticed on the phishing email I received, that the "External" tag that Outlook assigns was missing. That would be a red flag for many people. Is there a way to make this more realistic and have the External tag? Attack Simulation Training
Attack Simulation Training
I would like to ask about Attack Simulation Training. Which we want to try in our company. We want to send for start some phishing stuff. However, when I setup everything and email is sent. Then user who clicks on the URL in the phishing mail which is from MS Library, the pages are not loading and after a while connection is timed out. Is there some problem with Licenses or there must be set up something else? We don't have these sites in the block list. Thanks in advance
Attack Simulator Reporting
Hi, I have a query about the reporting period for the phishing attack simulator? I would like the campaign to send out the emails over 2 day's, but wish the reporting period to be for 2 weeks. In the settings the default setting is 2 day's. Does this mean that the reporting will still be ongoing after the 2 days? If the answer is no, is it possible to change this setting on an ongoing simulator campaign? Many thanks,
Detection Engineering in Azure & Introducing AzDetectSuite
The AzDetectSuite is an open source project geared towards helping secure environments within Azure by utilizing KQL and Azure Monitor alerts. This heavily supplements the Azure Threat Research Matrix (ATRM) by supplying defensive content for the known techniques within Azure. This article will also cover what goes into a detection and how to develop a granular detection in a noisy environment.
Phishing attack simulator incorrectly emails people the message, "Because you were recently phished"
Hi folks, * I am evaluating Microsoft Phishing Attack Simulator with a 4 user pilot * None of the 4 users were phished in any of the 3 simulations that I actioned * At the end of each simulation, users are correctly being emailed a message with a link to phishing traning * However, the email with the link to the phishing training contains this wording: "Because you were recently phished, we require you to take training(s) to recognize phishing attacks in future." * The wording I quote is troublesome since it: a) Is inaccurate; none of the users were phished b) Presents me (and potentially my colleagues in IT Support), negatively, since it makes us look like we aren't in control of the simulation technology (ie it looks like we don't understand the reality of how each user responded in the simulations) c) Risks alienating us from our users My questions thus are: 1) Is anyone else impacted with this issue? 2) Is there a way for the wording I refer to, to be constructively edited? Any help is always appreciated. Regards, Steve
