Follow this process to allow Webroot phishing simulations
 
Tip: To complete these steps, you need to be a member of the Security Administrator role group in the Microsoft 365 Defender portal and a member of the Organization Management role group in Exchange Online. You can also use Azure Active Directory roles to assign the required permissions.

Note: SecOps mailbox configuration is not required for WSAT operation. SecOps mailbox designation allows for unfiltered mail and is therefore a best practice for administrator oversight. SecOps designation should not be applied to target user mailboxes. Refer to the Microsoft documentation for further detail.
 
Use the Microsoft 365 Defender portal to configure third-party phishing simulations in the advanced delivery policy
  1. In the Microsoft 365 Defender portal, go to Email & Collaboration > Policies & Rules > Threat policies page > Rules section > Advanced delivery.
     
  2. On the Advanced delivery page, verify that the Phising simulation tab is selected, and then do one of the following steps:
    • Click Edit icon Edit.
    • If there are no configured phishing simulations, click Add.
  3. On the Edit third-party phishing simulation flyout, configure the following settings:
     
    • Domain - Webroot Security Awareness Training domains that can be for simulations. See the list of domains included in this article.

      Expand the section and add the domains you intend to use in simulations, remembering to update it if you change the domains.

      Sending IP - Webroot uses multiple servers to send mail, enter IPv4 addresses for each.

      Expand the section and add all of the Webroot email server IP addresses. The Webroot mail server information is specified in this article.
       
    • Simulation URLs to allow (optional) - Use this section to specify any URLs that are part of the simulation that you do not want blocked. This optional step can be used to ensure that URLs used in simulations are allowed. For the URL syntax format, see URL syntax for the Tenant Allow/Block List.

      Expand the section and add and any simulation URLs to allow.
  4. When you're finished, do one of the following steps:
    • First time: Click Add, then click Close.
    • Edit existing: Click Save, then click Close.

+List of domains Security Awareness training uses to send simulations
Below is the list of domains that can be used with simulations for Security Awareness Training.
 
Training domains
awareness.webrootanywhere.com (Used by Autopilot)
cyber-awareness.training
gigatrainer.com
internetsecurity.training
webroottraining.com (Used by Autopilot)

Phishing domains
admin-alerts.com (Used by Autopilot)
bank-verify.com
credit-alerts.us
credit-notification.com
creditsecure.info
cybermailer.net
digi-alert.com
digital-notification.com
emailnotice.me
emailsecure.me
helpdesk-notification.com
hr-internal.com (Used by Autopilot)
it-alert.me
medical-statement.com
mx-secure.com (Used by Autopilot)
mycredit-alert.com
mycreditpayment.com
package-delivery.me
payment-received.me
processmailer.com
secure-site.me
security-alerts.me
shipping-alert.com
shipping-confirm.com
shipping-notice.com (Used by Autopilot)
trackingverify.com
travel-alert.info

Is this article helpful?
   
Thanks for your feedback!

Powered by noHold, Inc. U.S. Patent No. 10,659,398
All Contents Copyright© 2024