Whitelisting

What is the checklist before sending out a phishing simulation? 

Cybercriminals constantly find new ways to slip through spam filters and other types of protection. A phishing simulation lets you simulate this situation. To do so, identify all known and potential blockers and add exceptions, rules, and whitelists where needed.

Please read through this article carefully before performing a phishing simulation. 

Identify all potential blockers 

External spam filter 

With both cloud-based and on-premises mail servers, an external spam filter might filter out our simulated malicious emails before they are delivered. Here, you must whitelist the sender. Consult your spam filter vendor for recommended settings.

Read about how to whitelist the sender.

Firewall 

Some firewalls can block malicious emails and websites. If this is the case, make exceptions for our IPs/network and whitelist the sender's email address. Also add IP/network exceptions for the phishing simulation website/URL. Note that this is only needed if a website is part of the simulation.

Read about how to whitelist the phishing email sender address here.

Read about how to whitelist our IPs/networks here. 

Read about how to whitelist the phishing simulation website URL. 

Built-in spam filters

When using Google and Microsoft for your email, you must whitelist the sender's email address in the built-in spam filter. 

Read about how to whitelist using Microsoft 365. 

Read about how to whitelist using Google.

Anti-virus 

Some antivirus products have a spam filter function. If needed, add a whitelist entry in that spam filter function. Consult your vendor about how to achieve this.

IDS (Intrusion Detection System) 

An IDS might block network traffic related to phishing websites, which might block a web page linked to the phishing simulation email. To avoid this issue, add IP/network exceptions. Notice that this is only needed if a website is a part of the simulation. 

Read about how to whitelist our IPs/networks here.

Web filter 

If you're using a web filter, it might block a web page linked to the phishing simulation email. To avoid this issue, add IP/network exceptions and an exception for the phishing website URL. Note that this is only needed if a website is part of the simulation.

Read about how to make an exception for a phishing simulation URL.

Other protections? 

Please also consider carefully what other types of protections you might have and take the necessary actions. 

Testing 

Run a test on a limited number of recipients 

Sending a test phishing simulation to a limited number of recipients is an important test to ensure the phishing simulation will be sent out successfully. The disadvantage of this test is its limited number of emails. The more phishing simulation emails are sent out, the more likely it is that one or more of your protections will kick in. 
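
One way to check the result of the limited test send described above is to inspect the headers of a delivered test message. This is an added example, not part of the original article or the vendor's tooling: it assumes mail that passed through Microsoft 365, reads the X-Forefront-Antispam-Report header, and uses the SFV/SCL meanings from Microsoft's anti-spam header documentation. The sample messages and function names are constructed for illustration.

```python
from email import message_from_string, policy

# SFV values as described in Microsoft's anti-spam message header documentation.
BYPASS = {"SKN": "marked non-spam before filtering (e.g. mail flow rule)",
          "SKA": "sender on the anti-spam policy allowed list",
          "SFE": "sender on a user's Safe Senders list"}
FILTERED = {"SPM": "marked as spam by spam filtering",
            "SKS": "marked as spam before filtering",
            "SKB": "sender on the blocked senders/domains list"}

def parse_antispam_report(raw_message):
    """Return the KEY:value fields of X-Forefront-Antispam-Report as a dict."""
    msg = message_from_string(raw_message, policy=policy.default)
    fields = {}
    for part in str(msg.get("X-Forefront-Antispam-Report", "")).split(";"):
        key, sep, value = part.strip().partition(":")
        if sep:  # skip empty fragments such as the one after a trailing ';'
            fields[key.upper()] = value.strip()
    return fields

def whitelist_verdict(raw_message):
    """Classify one test message: bypassed, filtered, scanned or unknown."""
    fields = parse_antispam_report(raw_message)
    if not fields:
        return "unknown", "no X-Forefront-Antispam-Report header found"
    sfv, scl = fields.get("SFV", ""), fields.get("SCL", "")
    if sfv in FILTERED or (scl.isdigit() and int(scl) >= 5):
        return "filtered", FILTERED.get(sfv, "SCL " + scl)
    if sfv in BYPASS or scl == "-1":
        return "bypassed", BYPASS.get(sfv, "SCL -1")
    # Delivered, but scanned normally: a larger send-out may still be caught.
    return "scanned", "no allow entry applied (SFV:%s SCL:%s)" % (sfv, scl)

# Constructed sample messages (not real mail); reserved example domains and IPs.
HEAD = "From: sim@phish-sim.example\nTo: user@corp.example\nSubject: test\n"
SAMPLES = {
    "allowed": HEAD + "X-Forefront-Antispam-Report: CIP:192.0.2.10;CTRY:;SCL:-1;\n"
                      " SFV:SKA;H:mail.phish-sim.example;CAT:NONE;\n\nbody\n",
    "spam": HEAD + "X-Forefront-Antispam-Report: CIP:192.0.2.10;SCL:5;SFV:SPM;\n\nbody\n",
    "scanned": HEAD + "X-Forefront-Antispam-Report: CIP:192.0.2.10;SCL:1;SFV:NSPM;\n\nbody\n",
    "no_header": HEAD + "\nbody\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, whitelist_verdict(raw))
```

A "scanned" result means the message arrived without any allow entry taking effect, which is the case where more whitelists or exceptions may be needed before the full send-out.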

Get started - step-by-step. 

These are the steps for a successful simulation: 

  1. Identify potential blockers. 
  2. Whitelist and add exceptions in the potential blockers (for the phishing simulation email, the phishing simulation website, and the Awareness Training follow-up).
  3. Run a test send-out to a limited number of recipients.
  4. If needed, add more whitelists and exceptions. 
  5. Now, you're ready to send out the phishing simulation. 

Need help? 

Contact our support for further help.