How to use the anti-spam option on Phishing?

What is the anti-spam option?

If Stoïk Protect's phishing simulation is effective, it's because it employs the same techniques as cyber attackers. The flip side is that some of our emails end up in the spam folders of email services.

To overcome this, you can activate the anti-spam option: Your collaborators will receive all our fake phishing emails – without compromising the effectiveness of the filter for unwanted emails.

How to set it up?

The anti-spam option can be activated from the tab Phishing > Settings > Anti-spam. It is only available for companies that have enabled automatic email address synchronization via Google or Microsoft.

Microsoft

By clicking the anti-spam button, you are redirected to a Microsoft page requesting read and write access to your colleagues' Outlook mailboxes. These permissions will allow to configure phishing campaign with templates that are actually relevant down the line.

Here are the details of the requested permissions:

Read all audit log data

Enables you to read all of the organisation's audit logs for investigation and monitoring purposes.

Read audit logs data from all services

Allows the application to read audit logs from all Microsoft 365 services for threat detection and compliance.

Read and write mail in all mailboxes

Provides full read/write access to all messages in mailboxes (used for analysis, remediation, or actions on malicious emails).

Read and write all user mailbox settings

Allows you to modify mailbox settings (rules, signatures, forwarding, etc.) for all users.

Read your organization’s conditional access policies

Allows the application to read the conditional access policy configuration for auditing or security posture analysis.

Read all usage reports

Provides access to usage and activity reports across the organisation (Microsoft 365 analytics).

Read metadata and detection details for all emails in your organization

Allows access to email metadata (headers, detections, threat indicators) without accessing the content of the messages.

Read all users’ full profiles

Provides full read access to user profiles (name, position, attributes, etc.).

Read and write all users’ authentication methods

Allows you to modify user authentication methods (MFA, telephone, email, etc.).

Sign in and read user profiles

Allows the application to log in as a user and access basic profile data.

Read and write all password profiles and reset user passwords

Allows you to reset or update passwords for all users, necessary for incident remediation.

Revoke all sign in sessions for a user

Allows you to immediately revoke all active sessions for a user, used for immediate containment.

Read activity data for your organization

Enables Stoïk to read events from the Microsoft 365 activity feed to detect suspicious actions or anomalies related to user activity.

Read all applications

Allows the application to read all applications and core service objects in the tenant, used to analyse the configuration and identify anomalies.

Google Synchronization Case

  • Go to your Google Admin console.

  • Add a new API client in the Google Admin panel.

  • In the window that appears, enter:

    • ClientID: 115890102773233849646

    • OAuth scopes: https://www.googleapis.com/auth/gmail.insert, https://www.googleapis.com/auth/gmail.metadata

    • Click Allow

PreviousHow do awareness training sessions work?NextWhat is the Active Directory scan?

Last updated

Was this helpful?