In order to make sure the Phish Insight simulation links will be shown properly, we need to add the URLs used by Phish Insight on Microsoft Edge Allowed Domains so that it won’t trigger this warning. Kindly do the following on your Active Directory:
Note: If you can already configure GPO for Microsoft Edge, you can directly go to Step 8
1. Go to https://www.microsoft.com/en-us/edge/business/download then scroll down until you find the section “Looking for an older version of Edge?”
2. Choose the latest build for “Select channel version”, “Select build”, and “Platform” then click “Get Policy Files”
3. It will download the file MicrosoftEdgePolicyTemplates.cab, double click that file then copy MicrosoftEdgePolicyTemplates.zip to a temporary folder
4. Extract the MicrosoftEdgePolicyTemplates.zip then open the extracted folder and navigate to \windows\admx
5. Copy msedgeupdate.admx and msedge.admx to %systemroot%\PolicyDefinitions
6. Go back to where you extracted the MicrosoftEdgePolicyTemplates.zip then navigate to \windows\admx\<Appropriate Language> (Example if you want it in English then navigate to \windows\admx\en-US) then copy the files msedge.adml and msedgeupdate.adml
7. Copy the msedge.adml and msedgeupdate.adml to C:\Windows\PolicyDefinitions\<Appropriate Language) (Example if the files comes from en-US of Step 6 then you should navigate as well to en-US of PolicyDefinitions Folder)
8. Create now a GPO Script or edit your existing GPO script then navigate to Computer Configuration > Microsoft Edge > SmartScreen Settings
9. On the right pane window choose “Configure the list of domains for which Microsoft Defender SmartScreen won’t trigger warnings” choose Enabled then click Show
10. On the Show window, add the domain URLs used by Phish Insight:
- www.websitefun.info
- www.solutionfun.info
- www.internetservicetech.com
- www.onlineservicetec.com
- www.onlineservicetech.website
- www.webfun.website
- www.solutionfun.services
- www.eservicebits.com
- www.e-serviceparts.info
- www.onlineservicefree.website
- www.onlineservicefree.club
- www.e-service.org
- www.globalinfohost.com
- www.siteserversolutions.com
- www.forupsite.com
- www.onlineservicenetwork.com
- www.freecloudapps.net
Then click OK
11. On the Window of “Configure the list of domains for which Microsoft Defender SmartScreen won’t trigger warnings” click Apply then OK
12. Link that GPO now to the target Organizational Unit (OU) (On this example, we applied it to Domain Controllers OU)
13. To force a machine to get the latest GPO, go to that machine then open cmd as Administrator then do command gpupdate /force. Once done, perform gpresult /r to view if the GPO has been applied
14. To verify that the URL was added, open regedit then navigate to HKLM\SOFTWARE\Policies\Microsoft\Edge\SmartScreenAllowListDomains then you can view there the added URLs from Step 10
15. Try to access again the PhishInsight Simulation link and you should be able to view it now properly