Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Ensure phishing simulation delivery to M365 inboxes with Microsoft Advanced Delivery

            Created by David Barker, Modified on Sat, 27 Jan at 11:35 AM by David Barker

            Setting up Microsoft Advanced Delivery lets you easily bypass spam filtering and quarantine to ensure that your simulated phishing emails arrive to your end users' mailboxes.

             

            How to set up Microsoft Advanced Delivery

            Step One - Open the Microsoft 365 Defender portal


            Go to the Microsoft 365 Defender portal at https://security.microsoft.com

             

            Step Two - Find Advanced Delivery


            Go to Email & Collaboration > Policies & Rules > Threat policies > Rules > Advanced Delivery

             

            Step Three - Open the Phishing simulation tab


            You will find this next to the SecOps mailbox tab.

             

            Step Four - Add or Edit your simulation settings


            Click Add to configure a new simulation or Edit if you already have settings in place.

             

            Step Five - Enter the Sending domain(s)


            Microsoft Advanced Delivery is limited to a maximum of 20 sending domains. It is suggested you add the following 11 domains (below the screenshot) which are used automatically for auto-phishing as a minimum, if you are also running custom campaigns you should add those domains as well to the maximum of 20.



            Auto-Phish Domains:


            microloft.net

            biiing.net

            amzwon.net

            itsupports.com

            ithlpdesks.com

            banque-online.com

            sup0rt.co.uk

            innermail.co.uk

            ithelpdeskweb.co.uk

            companylegal.co.uk

            financialstaff.co.uk


            Step Six - Enter the Sending IPs


            The RiskBuddy IP addresses are listed below:

            198.21.6.191

            168.245.56.242

            99.80.168.14

             

             

            Step Seven - Enter the Simulation URL(s)


            You should add a URL for each landing page domain you wish to use. You will need to use a wildcard in order for the phishing URL to be detected e.g. itsupports.com/*


            For auto-phishing the landing page domain will be the same as the sending domain so use the domains from the list of "auto-phish domains" in step five.


            NOTE: Your custom simulations must use the same sender and landing page domain in order for links to be permitted via Advanced Delivery. Alternatively you can configure a mail flow rule to disable safe links.


            Step Eight - Save your settings


            Click Add (or Save if editing an existing config). There can be a delay in configuration changes taking effect. We recommend that you send a test phishing email to check that the Advanced Delivery config is working.

             

            You can also read instructions for the above on the Microsoft Website.

             

            Next steps

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0