This document describes how to add the phishing domains used by the SoSafe Phishing Simulation to a policy for the Microsoft Defender for Microsoft 365 that prevents your users from seeing the following warning screen in the browser:


Ein Bild, das Text enthält.

Automatisch generierte Beschreibung

1. First, please go to https://www.office.com/apps?auth=2&home=1 and switch in "Office 365" tab to "Security".



A new tab of Microsoft 365 Defender will open.


2. Click on "Policies and rules" and then on “Threat policies”. Under the Threat policies click on “Safe Links”.


Ein Bild, das Text enthält.

Automatisch generierte Beschreibung


The window for editing secure links opens.


3. Click on "Create" to add a new safe links policy.


Ein Bild, das Text enthält.

Automatisch generierte Beschreibung

 

4. Name your policy and give it, if necessary, a description.


Ein Bild, das Text enthält.

Automatisch generierte Beschreibung

5. In the "Users and domains" tab, select the domain of your organization as the recipient domain.


6. In the protection settings, select “URLs will be rewritten and checked against a list of known malicious links when user clicks on the link.”.

Scroll down in the settings. Now you can define all URLs for the new policy, which are listed in the SoSafe Manager under Simulation > Whitelisting > List of used domains in the phishing links. The format of the domain should always match the format https://domain/* (e.g., https://learning.sosafe.de/*).


Ein Bild, das Text enthält.

Automatisch generierte Beschreibung