5. Whitelisting – Emails

An essential part of phishing simulations is ensuring everyone gets the chance to experience a phishing email in their inbox, leading to education and awareness in the organisation. Educational phishing awareness campaigns are not designed to test email infrastructure and the technical defences in place. Should your organisation require a realistic phishing assessment please see: AntiPhish Phishing

Phishing Server

Emails will be sent from our phishing server, emails originating from the following server should be whitelisted:

IP: 142.93.32.36

Domain: click.antiphish.training

Phishing Email Domains

Phishing emails will be sent using various sending profiles. Links within phishing emails are hyperlinked just like regular email links. When a user clicks a link within one of our phishing email they will be guided to educational landing pages that use the following domains:

accountings.co.uk
antiphish.training
billing-co.uk
efileshare.co.uk
fbcdn.co.uk
fbcdns.co.uk
fbcdn.info
fbcdn.uk
hr-go.co.uk
live-share.co.uk
mailerdaemon.co.uk
microsoft-share.co.uk
newaccounts.co.uk
nhsdigital.online
office365-send.com
offices365.co.uk
secure-portal.co.uk
sso-login.co.uk
sso-login.uk
trello.email
tsb.business
victim.online
vpnlogin.co.uk
xn--ooe-2fbc60f.com
yourcoupons.co.uk
yw50axboaxnoihboaxnoaw5nihryywluaw5nihnpbxvsyxrpb24.co.uk
xn--ooe-2fbc60f.com

Email Header

If your mail server requires you to whitelist our Email Header (for instance, if you are using a cloud-based spam filter), you can find that here:

Email Header: X-APHISH

Email Header Text: This is a non malicious phishing security test from The AntiSocial Engineer Limited that has been authorised by the recipient organisation.