If you are using Microsoft Defender Plan 2, then Microsoft Safe Links is probably re-writing URLs in your incoming emails. Some of them are from our Security Awareness Service and are also put into the quarantine from Microsoft. Please complete the following steps to prevent them to get quarantined by Microsoft:
- In the Microsoft 365 Defender portal (security.microsoft.com) navigate to
Email & Collaboration > Policies & Rules > Threat policies > Advanced delivery. - On the Advanced delivery page, select the Phishing simulation tab, then click on "Edit".
- In the Edit third-party phishing simulation panel, configure the following setting:
- under Simulation URLs to allow enter:
atpscan.global.hornetsecurity.com/*
- Click "Save" and then "Close".
- under Simulation URLs to allow enter:
- If not already done, please also add the listed IP ranges from this article.
Please be advised that using any additional filtering service is not recommended by Hornetsecurity.