Each month QuickHelp creates a new Simulated Phishing Campaign. If a new domain is being used, you may need to add that domain to both your Advanced Whitelisting and your Microsoft Defender.
Advanced Whitelisting:
1. Log into your Microsoft 365 Defender.
2. Under Email & collaboration, click Policies & Rules.
3. On the Policies & rules screen, select Threat Policies.
4. Under Rules, click Advanced Delivery.
5. Click the Phishing Simulation tab. Click edit
6. On the Add Third-Party Phishing Simulations screen, enter the new domain(s) for use in your phishing campaign email. Enter it as follows:
“*” as a wildcard followed by a period (“.”) see the following example for formatting: *.ExampleCustomerPhishingDomain
Note: You may also choose to enter any or all of the subdomains listed below or other domains that you are using in your phishing campaign. (Please remember that your organization's advanced delivery policy may have a limit. It may only allow between 1-20 entries)
- *.amazon.com
- *.myworkday.com
- *.login.linkedin.com
- *.microsoft.com
- *.microsolt.com
- *.microsalt.com
- *.dhs.gov
- *.securedocuments.com
- *.facebookmail.com
- *.facebook.com
- *.filesyncservices.com
- *.accounts.google.com
- *.google.com
- *.login.live
- *.microsoft-password-reset.com
- *.dmv.realid
- *.onedrive.live
- *.paymentdirect.com
- *.modernatx.com
- *.teams.microsoft.com
- *.linkedin.com
7. Click Save
Microsoft Defender:
Log into your Microsoft Management Admin Center (endpoint.Microsoft.com)
1. Select Devices
2. Under Policy > Configuration profiles
3. Click on the profile name previously configured for QuickHelp Threat Defense
4. Under Manage select Properties
5. Under Configuration Settings click Edit
6. Select Microsoft Edge
7. Search for and click on: “Configure the list of domains for which Microsoft Defender SmartScreen won’t trigger warnings”
8. Select Enabled
10. Enter the new domain
11. Click OK
12. Click Review and Save
13. Click Save