none
Smart Screen blocking phishing education domain names. RRS feed

  • Question

  • These domains are valid, registered domains. There are no websites hosted for these domains they are simply used for a redirect:

    • Csadonotclickme-simulatedransomwaredownload.co.uk
    • Csadonotclickme-simulatedcatchpassword.co.uk

    What happens is one of these domains is used as the ‘hover’ link on the phishing link in the simulated test email. When the user clicks, the user is taken to the real link (the awareness page) which is hosted on:

    Csaeducation.co.uk

    How do we stop Microsoft's Smart Screen on these legitimate domains?

    Thank you.

    Friday, March 23, 2018 9:36 AM

All replies

  • Hi,

    depends on the IE security zone that your online or windows email client is mapped to. Desktop Outlook or Windows Mail map emails to the Internet zone...

    IE has security zone settings preventing navigation into a zone of lower integrity....

    For testing purposes you should

    1. Reset IE security zones to their default settings. Internet Options>Security tab, click "Reset all zones to default.".

    2. Remove localhost and other host names from your IE Trusted sites lists...use the File>Properties menu in IE to determine which IE security zone a host maps to... expected Internet.

    3. Turn your company proxy on/off in each testing cycle.

    4. Include running IE in noAddons mode in your test plans. Start>run>iexplore.exe -extoff... some third-party security software uses Toolbar and BHO Addons for site verification.

    5. Ensure that Windows Smart Screen is turned on and that it has not been turned off by other third-party software.

    Please provide the body of one of your test emails showing the hyperlink markup and host protocol(http(s));

    Use a tool like fiddler (https://telerik.com/fiddler) to inspect the response and request headers.

    I get a 404 when navigating directly to Csaeducation.co.uk... apparently you have not give lucy a default document yet.

    Regards.

    Questions regarding Internet Explorer 8, 9 and 10 and Internet Explorer 11 for the IT Pro Audience. Topics covered are: Installation, Deployment, Configuration, Security, Group Policy, Management questions.


    Rob^_^

    Saturday, March 24, 2018 4:45 AM