G DATA Phishing Simulation

Open the Microsoft 365 admin center.

Click on Security in the left side menu.

Click on Exchange Message Tracking in the left side menu. This will take you to the Exchange Admin Center.

Click on Email flow in the left side menu and then on Rules in the submenu that opens.

Click on Add a rule. In the submenu that opens, select Create a new rule.
A new window opens on the right-hand side of the screen. Give the rule a name. For example GDATA PhishingSIM BypassLink.

For Apply this rule if…​ select The sender in combination with IP is in any of these ranges or exactly matches.

Now enter our IPs here.

For Proceed as follows: select Define message header

Click on Enter text.
A new window will open on the right-hand side of the screen. Enter the following value there:

Click on Save.

Click on Enter text.
A new window will open on the right-hand side of the screen. Enter the following value there:

Click on Save.

In the next window, make sure that the Rule mode is set to "Enforce" and select a severity level for this rule. Rule matches are grouped by severity in activity reports. The severity level is only a filter to ease the use of the reports. The severity level has no effect on the priority in which the rule is processed.

Click on Next.

Check the settings again in the next window and click on Finish.

Your rule will then be available in your rule overview. However, it is still disabled. Click on the word Disabled and a new window will open on the right-hand side of the screen.

Drag the status slider to Activated.

Repeat steps 5-15 with the following modifications: