Threat Defense phishing campaigns may be blocked by the new default security settings in Office 365. (For more information see Microsoft's article Secure by default in Office 365.) Follow these steps to whitelist BrainStorm Phishing Campaigns for your organization.


Note: Additional whitelisting may be required. See the following articles:

Whitelisting BrainStorm Threat Defense

Microsoft Windows Defender Domain Whitelisting


Whitelisting Threat Defense in the Advanced Delivery Policies


1. Log into your Microsoft 365 Defender.


2. Under Email & collaboration, click Policies & Rules.


3. On the Policies & rules screen, select Threat Policies.


4. Under Rules, click Advanced Delivery.


5. Click the Phishing Simulation tab. You may either edit an existing configuration or click the add button to create one. This will take you to the Add Third-Party Phishing Simulations screen.


6. On the Add( or Edit) Third-Party Phishing Simulations screen, fill in the following fields:

  1. Domain: the sender domain is a legitimate-looking domain. You will need to Add your organization's specific Threat Defense domain given to you by BrainStorm.



b. Sending IP (for BrainStorm, Inc.): 52.228.117.29

c. Simulation URLs to allow: Enter the specific domain of the URL given to you by BrainStorm to use in your phishing campaign email. Enter it as follows:

     “*” as a wildcard followed by a period (“.”) see the following example for formatting: *.ExampleCustomerPhishingDomain 


Note: You may also choose to enter any or all of the subdomains listed below. (Please remember that your organization's advanced delivery policy may have a limit. It may only allow between 1-20 entries)

  1. *.amazon.com
  2. *.myworkday.com
  3. *.login.linkedin.com
  4. *.microsoft.com
  5. *.microsolt.com
  6. *.microsalt.com
  7. *.dhs.gov
  8. *.securedocuments.com
  9. *.facebookmail.com
  10. *.facebook.com
  11. *.filesyncservices.com
  12. *.accounts.google.com
  13. *.google.com
  14. *.login.live
  15. *.microsoft-password-reset.com
  16. *.dmv.realid
  17. *.onedrive.live
  18. *.paymentdirect.com
  19. *.modernatx.com
  20. *.teams.microsoft.com
  21. *.linkedin.com