Microsoft Advanced Delivery for Phishing Simulations

Situation – Configuring Microsoft’s Advanced Delivery for Phishing

Version – Proofpoint Essentials Security Awareness Phishing

Summary – Ensure Safelisting in O365 has been completed properly. Configure using – Configure the delivery of third-party phishing simulations to users and unfiltered messages to SecOps mailboxes

Question 

Why and how should Microsoft’s Advanced Delivery for Phishing Simulations be setup to work with the Phishing tool?

Answer

It is recommended that, in addition to the safe listing suggested in Office 365 detailed in the article,  Security Awareness Safelisting in Office 365, that organizations also safe list within Microsoft’s Advanced Delivery section in Windows Defender.

To learn more about this new feature and how to setup it up and why it is recommended, please see the following Microsoft article,
Configure the delivery of third-party phishing simulations to users and unfiltered messages to SecOps mailboxes

TLDR (TL;DR) Instructions

  1. Go to https://security.microsoft.com/advanceddelivery?viewid=PhishingSimulation
  2. Click the Add
  3. Add the following details based on the campaign that is being sent. Make sure to click Enter after every entry
    • Sending Domain: This is the domain found in the Sender Email Address field in the phishing template
    • Sending IP: Add the two Phishing Simulation MTA IPs.

Please see Security Awareness Safelisting Guide to locate the IPs for your environment

  • Simulation URLs to allow: Add the phishing URLs that is being user in the selected template in the campaign
  1. Click the Add