Feedback by UserVoice


My feedback

  1. 145 votes
    Sign in
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Office 365 Security & Compliance  ·  Flag idea as inappropriate…  ·  Admin →

    The core cred harvesting URLs in attack simulator are allow-listed in SmartScreen (the technology used in Explorer and Edge), so they shouldn’t be blocked with those browsers. Chrome is usually the biggest problem, and Microsoft has been unsuccessful in convincing Google that they should include our phish training URLs in their default allow-lists. Instructions on how to deploy a client policy that allow-lists the cred harvesting URLs for Chrome can be found here:

    At the moment, the following URLs are included in the M365 Attack Simulator:

    An error occurred while saving the comment
    ina commented  · 

    any solution for this? looks like no answer from Microsoft :(

    ina supported this idea  · 

Feedback and Knowledge Base