Microsoft Office 365 now has an Advanced Threat Protection feature that can potentially flag your simulated phishing emails as suspicious.

uPhish simulations are intended to test your user response, not Microsoft's threat detection, so you will want to ensure that uPhish emails are excluded from Microsoft's flagging.

Note: This does not necessarily prevent emails from being quarantined or filtered - but only stops them from being automatically flagged as phishing emails.

Prevent Microsoft ATP from flagging your phishing sims

  1. Log into your Microsoft 365 Admin Center
  2. Navigate to the Office 365 Security & Compliance page
  3. Click on Threat management > Policy
  4. Click Safe Links
  5. Click on the Safe Link Policy you have set up (or set up a new Safe Link Policy if you haven't already)
  6. Click Edit policy
  7. Click Settings
  8. Add the usecure domains to the list under Do not rewrite the following URLs, in this format:

For example, if you want to whitelist the domain, you should add:


Next steps

Did this answer your question?