This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
jturan
Explorer
‎2021-08-23 11:21 AM

Phishing Simulation Exceptions

We use a Phishing simulation for end user training. It sends emails to our users with URLs that if clicked bring them to the training site and record the click for reporting.

We use a hosted spam filter which then sends email to the security gateways for threat emulation and extraction.

We set exceptions for the sender address each month in the threat emulation and extraction policy for the simulation, but the reports still show clicks when we are certain the user did not click and in some cases blocks the email completely. Our conclusion is that even though we have exceptions set, the check at the gateway is still following the URL to check the reputation of the site. We opened a support case with Checkpoint and they told us the only option is to create a global exception in the threat prevention policy with the source being our hosted spam filter. This obviously is not a solution as that would allow all email to bypass emulation and extraction and not just the sim email.

So, we are wondering if anyone else is running into a similar situation or if they have found a suitable work around? 

1 Reply
cyberfinder
Explorer
‎2022-03-23 01:10 PM

have you got any resolution for this ?

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events