Each month BrainStorm creates a new Simulated Phishing Campaign. If a new domain is being used, you may need to add that domain to both your Advanced Whitelisting and your Microsoft Defender.


 

Advanced Whitelisting:


1. Log into your Microsoft 365 Defender. 


Graphical user interface, application

Description automatically generated

 

2. Under Email & collaboration, click Policies & Rules.


Graphical user interface, application

Description automatically generated with medium confidence

 

3. On the Policies & rules screen, select Threat Policies.

 

Graphical user interface, text, application

Description automatically generated


4. Under Rules, click Advanced Delivery.


Graphical user interface, text, application, email

Description automatically generated 

 

5. Click the Phishing Simulation tab. Click edit 


Graphical user interface, text, application, email

Description automatically generated

 

6. On the Add Third-Party Phishing Simulations screen, enter the new domain(s) for use in your phishing campaign email. Enter it as follows:

     “*” as a wildcard followed by a period (“.”) see the following example for formatting: *.ExampleCustomerPhishingDomain 


Note: You may also choose to enter any or all of the subdomains listed below. (Please remember that your organization's advanced delivery policy may have a limit. It may only allow between 1-20 entries)

  1. *.amazon.com
  2. *.myworkday.com
  3. *.login.linkedin.com
  4. *.microsoft.com
  5. *.microsolt.com
  6. *.microsalt.com
  7. *.dhs.gov
  8. *.securedocuments.com
  9. *.facebookmail.com
  10. *.facebook.com
  11. *.filesyncservices.com
  12. *.accounts.google.com
  13. *.google.com
  14. *.login.live
  15. *.microsoft-password-reset.com
  16. *.dmv.realid
  17. *.onedrive.live
  18. *.paymentdirect.com
  19. *.modernatx.com
  20. *.teams.microsoft.com
  21. *.linkedin.com

7. Click Add

 

 

Microsoft Defender:

 

Log into your Microsoft Management Admin Center (endpoint.Microsoft.com) 

1. Select Devices

2Under Policy > Configuration profiles

3. Click on the profile name previously configured for QuickHelp Threat Defense 


Graphical user interface, application

Description automatically generated

4. Under Manage select Properties

5. Under Configuration Settings click Edit 


Graphical user interface, application

Description automatically generated

 

 

6. Select Microsoft Edge


Graphical user interface, text, application

Description automatically generated


7. Search for and click on: “Configure the list of domains for which Microsoft Defender SmartScreen won’t trigger warnings

8. Select Enabled

10. Enter the new domain

11. Click OK


Text

Description automatically generated


12. Click Review and Save

13. Click Save