Description
Shield performs deep link analysis to protect users from malicious content. This advanced scanning occurs when the X-ray of an email is viewed. Shield uses a sandboxing environment to click and inspect links of the X-ray message to verify their safety. Viewing the message in a mail client will not activate this security feature.
We understand that partners and their customers may require the use of phishing simulation campaigns as part of security awareness training. Because phishing simulation services report on when a user has clicked a link in a phishing campaign message, we provide the ability to exclude those services from Shield's deep link analysis.
Compatibility with Phishing Simulation Services
Shield has been pre-configured to prevent deep link analysis with many phishing simulation platforms. We maintain compatibility settings for popular services, including:
- Breach Secure Now
- Bullphish
- Huntress
- KnowBe4
- Phin Security
- uSecure
Troubleshooting Phishing Campaign Issues
If you're experiencing issues with a phishing simulation campaign for a service listed above please troubleshoot and report the issue to our Support team.
Identify the Service
This helps to determine if:
- It's a service we've already configured but may need adjustment
- It's a service requiring configuration
Check for Microsoft SafeLinks
If link clicking or detonation is occurring for campaign messages from services listed above, the issue may stem from Microsoft's SafeLinks or other third-party link protection services rather than Shield. Review the Microsoft 365 tenant's, or other third-party tool's, configuration for potential conflicts.
Report Issues With an Existing Phishing Simulation Service
If the phishing simulation service is listed above, but you are still observing link clicking or detonation issues with a campaign, collect the following information:
- The phishing simulation platform name
- Specific campaign details experiencing issues
- Any error messages or unexpected behaviors
Include X-ray links, affected users, and attachments when possible.
Once all information is collected, please submit a support ticket informing us of the issue. Include all collected information for the issue. We'll work to ensure your security training runs smoothly alongside Shield's protection.
Request an Additional Phishing Simulation Service
If you or your customer use a Phishing Simulation Service not listed above, please submit a support ticket with the following information:
- Name of the Phishing Simulation Service and its website
- Sender IP Addresses
- Transactional Email IP Addresses (reminders, reports, etc.)
- Primary Sender Domains
- Phishing Sender Domains
- Is pixel tracking required by the vendor? (Yes/No/I'm not sure)
We will provide these details to our Development team to exclude the phishing simulation service from Shield's deep link analysis.
Related to
Updated