Domain Whitelist – Google Safe Browsing (Chrome)

Where a phishing simulation domain is used extensively, it is probable that over time it will start to appear incorrectly on security vendors' blacklists and be flagged as a malicious website. Unless the vendor is aware of the ethical use of such domains, this is likely to happen. Google, amongst other providers, uses those blacklists and its own increasingly intelligent algorithms to determine whether a given website is safe or malicious. If a site is determined to be malicious, users clicking phishing simulation links in a phishing simulation email may be warned about, or prevented from visiting, the simulation landing page. Such intervention limits the effectiveness of phishing simulation training.

OutThink’s Security Operations Team proactively work with security vendors to ensure that the domains used for phishing simulations do not appear on blacklists, and vendors like Google are informed in advance of the use of such simulation domains. However, this process takes time, and it is possible that a domain in large-scale use still gets flagged as malicious.

If your users use Google Chrome, it is recommended to introduce a Safe Browsing allowlist to be sure that this warning message does not interrupt users when clicking simulation hyperlinks.

On Microsoft Windows, this policy is only available on instances that are joined to a Microsoft Active Directory domain, joined to Microsoft Entra ID or enrolled in Chrome Browser Cloud Management.

On macOS, this policy is only available on instances that are managed via MDM, joined to a domain via MCX or enrolled in Chrome Browser Cloud Management.

Setting Safe Browsing Allowlist

Contact your Customer Success Representative to obtain the most recent phishing simulation domains to add to the allowlist.

The following Chrome Browser Policy will need to be set to add OutThink’s Phishing Simulation Domains to the Safe Browsing Allowlist.
https://chromeenterprise.google/policies/#SafeBrowsingAllowlistDomains

The Chrome Browser Policy can be applied throughout your organization using group policy. Follow the instructions given here:
https://support.google.com/chrome/a/answer/187202?hl=en

Using Microsoft Intune

You can use device configuration profiles for Windows and macOS devices to set the allowlist for domains in Google Chrome.

Windows:

  • Create a new policy in Devices > Configuration (for Win 10+, type Templates, name Administrative Templates)
  • Configuration Settings – select Computer Configuration, and then Google > Google Chrome > Safe Browsing Settings – “Configure the list of domains on which Safe Browsing will not trigger warnings”
  • Enable the setting. Enter the provided domains into the text boxes, 1 per box.
  • Assign the policy to the relevant groups, or choose “Add all devices”

MacOS:

  • Create a new policy in Devices > Configuration (for MacOS, type Templates, name Preference File)
  • Configuration Settings – Preference domain name = com.google.Chrome
  • Create a text file called “com.google.Chrome.plist” with the below text included, replacing “website.com” with the simulation domains provided. To enter more than one domain, duplicate the <string> entry inside the <array>, one entry per domain. Upload this file (it must have a .plist file extension) to the policy:
<key>SafeBrowsingAllowlistDomains</key>
<array>
<string>website.com</string>
</array>
  • Assign the policy to the relevant groups, or choose “Add all devices”

NOTE: The “.plist” preference file can also be deployed using other MDM solutions.

Using Registry Keys (Windows)

In Windows, you can also set up registry keys for setting the allow list in Google Chrome. Create/check the below key, manually or via deployment:

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\SafeBrowsingAllowlistDomains

Create new String Value keys (REG_SZ) named “1”, “2”, and so on. The value data is the domain name, e.g. website.com
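
One way to script the registry values described above for deployment, as an added example that is not OutThink's or Google's own tooling. The two domains are constructed placeholders, and the script assumes an elevated PowerShell session and that this key holds nothing but the simulation domains.

```powershell
# Added example, not vendor code. Run in an elevated PowerShell session.
# Constructed placeholder domains: replace with the list supplied to you.
$Domains = @('sim-one.example', 'sim-two.example')

$KeyPath = 'HKLM:\SOFTWARE\Policies\Google\Chrome\SafeBrowsingAllowlistDomains'

# Accept bare host names only: no scheme, path, port, wildcard or IP address,
# so that nothing broader than the intended domain is exempted.
$HostPattern = '^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z][a-z0-9-]{0,61}[a-z0-9]$'

$Clean = foreach ($d in $Domains) {
    $name = $d.Trim().ToLowerInvariant()
    if ($name -cnotmatch $HostPattern) {
        throw "Not a bare domain name: '$d'"
    }
    $name
}
$Clean = @($Clean | Select-Object -Unique)

if (-not (Test-Path -Path $KeyPath)) {
    New-Item -Path $KeyPath -Force | Out-Null
}

# Assumption: this key holds only simulation domains. Existing numbered values
# are removed first so that retired domains do not stay exempt.
foreach ($valueName in (Get-Item -Path $KeyPath).GetValueNames()) {
    if ($valueName -match '^\d+$') {
        Remove-ItemProperty -Path $KeyPath -Name $valueName
    }
}

# Write the values "1", "2", ... as REG_SZ, one domain each.
$index = 1
foreach ($name in $Clean) {
    New-ItemProperty -Path $KeyPath -Name "$index" -Value $name -PropertyType String -Force | Out-Null
    $index++
}

# Read the key back so the deployment log shows what is now exempt.
$key = Get-Item -Path $KeyPath
$key.GetValueNames() | Where-Object { $_ -match '^\d+$' } | Sort-Object { [int]$_ } |
    ForEach-Object { '{0} = {1}' -f $_, $key.GetValue($_) }
```

On a managed device, chrome://policy shows the SafeBrowsingAllowlistDomains values that Chrome has actually loaded.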


For further assistance, contact your Customer Success Representative.
