Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
175 questions
third party phishing simulations
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 24%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
Christian
5
Reputation points
Long story short,
The issue is, recently when sending Sophos Phish Threat Campaigns with attachments, end users are not getting the initial campaign email, but instead are getting the follow-up email informing them that they’ve failed and have been auto-enrolled into training. All other phishing campaigns work as expected.
Sophos tech support looked over our configurations based on their material (even had the Senior Sophos Cyber Security Engineer look at it all) and the configurations related to third-party phishing simulations in MS Defender Advanced delivery and confirmed all settings are correct.
*Refer to the attached pic of MS settings.
We can’t make sense as to why now in the last couple of months this is happening when it never used to and no one has played with any settings. So we believe MS has maybe made some updates or changes etc.
Can anyone from MS get in touch to take a look?
{count} vote
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 28.000000000000004%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECK%3C/text%3E%3C/svg%3E)
Catherine Kyalo 655 Reputation points Microsoft Employee2024-03-15T12:46:40.37+00:00 - Check your Junk Email settings: Ensure that the phishing campaign emails are not being sent to the Junk Email folder.
- Check your email rules: Some email rules might be set up to automatically delete certain emails or send them to other folders.
- Check with your email admin: There might be organization-wide policies in place that are causing these emails to be deleted or moved.
- Review your third-party phishing simulation settings in Microsoft Defender for Office 365: Ensure that the settings are correctly configured to allow the phishing campaign emails. Here is a detailed documentation on this: Simulate a phishing attack with Microsoft Defender for Office 365
- Contact Microsoft Support: If all else fails, you should contact Microsoft Support directly. They can assist with more advanced troubleshooting and can also inform you of any recent changes that might have affected the delivery of these emails.
Sign in to comment