The following guide will provide you with step-by-step instructions on how to allow PhishDeck’s simulated phishing emails by IP address in your Google Workspace (G Suite) account.
Why do I need to allow PhishDeck’s IP?
While PhishDeck emulates a real phishing attack, it is ensured that this is conducted with traceability and governance in mind. To such an extent, unlike real attackers using illegal botnets or other illicit methods of sending large volumes of phishing emails, all of PhishDeck’s phishing simulation emails originate from a single IP. This is done not only to be easy to allow (some mail filters only allow IP allow listing), but it’s also to ensure that it’s quick and easy to distinguish phishing simulation emails from real ones in the event of an investigation.
Naturally, IPs which only send phishing simulation emails are bound to be blocked, and to such an extent, we strongly suggest explicitly allowing PhishDeck’s IP addresses to avoid issues with your phishing simulation Campaigns – this process only needs to be set-up once.
Allowing PhishDeck’s IP in Google Workspace
Log in to https://admin.google.com and select Apps
Select G Suite
Select Gmail
Scroll down to select Advanced settings
In the Organizations section, select your Domain, not an Organizational Unit (OU).
Note: Google Workspace only accepts allow lists by IP address for an entire domain.
Here in the Spam, phishing, and malware section, you’ll find the Email Whitelist option.
Here you can enter PhishDeck’s IP addresses, each entry needs to be separated by commas. Find the latest list of our IP addresses in this article.
Finally click Save.
The settings may take up to 1 hour to propagate to all users. Prior to starting the phishing campaign, set one up for testing to your own email address to confirm the configuration was successful.
Next, you will need to add PhishDeck’s IP address as an inbound gateway to suppress Gmail warnings from showing up in your Target’s inbox when they receive the phishing simulation email from PhishDeck.
While in the Spam, phishing, and malware section, you should see an Inbound gateway setting. Hover over and click the Edit button.
Configure the Inbound gateway screen as follows.
1. For Gateway IPs enter our IP addresses. Find the latest list of our IP addresses in this article.
2. Ensure that only Require TLS for connection from the email gateways listed above is selected from the checkpoints
3. For Message Tagging enter the following.
4. Ensure that the Disable Gmail spam evaluation on mail from this gateway; only use header value is enabled. Finally, click Save.
Add PhishDeck’s Domains as Whitelisted Domains
This step is specifically important to target the spam banner in Gmail.
- In the Google Workspace (GSuite) administration portal, navigate to [Account] > [Domains] > [Whitelisted Domains]
- Add the following domains: