Phishing Awareness Training

Configuring phishing simulation support requires two steps:

1. Whitelist in Microsoft 365 — Ensure simulation emails bypass M365's native protection and reach INKY

2. Configure in INKY — Tell INKY how to handle simulations (banners, link rewriting, reporting)

Step 1: Microsoft 365 Advanced Delivery

For Microsoft 365 environments, simulation emails must be whitelisted in M365's Advanced Delivery settings. Without this, M365 may block simulations before they reach INKY.

Automated Configuration (BullPhish ID, more coming soon…)

INKY can automatically configure M365 Advanced Delivery during Team Setup or from the License Status page:

1. Navigate to Tenant Operations - INKY

2. Configure Phishing Simulation Override
   

   

3. The configuration assistant will add the required IP addresses and domains to M365

4. Monitor the real-time logs to confirm success

If settings already exist, you can use Force Override to replace them with INKY's recommended configuration.

Manual Configuration (Other Platforms)

For platforms without automated configuration:

1. Go to M365 Security Center → Advanced Delivery

2. Select the Phishing simulation tab

3. Add your simulation vendor's sending IPs and domains

Contact your simulation vendor for the correct IP addresses and domains to whitelist.

Step 2: INKY Configuration

Navigate to: Dashboard > Admin Center > Phishing Awareness Training

Select Your Platform

Choose your phishing simulation vendor from the Platforms list.

INKY supports 40+ platforms including BullPhish ID, KnowBe4, Proofpoint, and Cofense.

If your platform isn't listed, select Custom and contact INKY support for configuration.

Custom Banner

Control what banner users see on simulation emails:

No special treatment — INKY analyzes normally. Simulations may get flagged as actual phishing.

Neutral — Gray banner, no threat indicators. Users see it is external mail but nothing suspicious.

Caution — Yellow Banner, helps see what the user would do if there was a clue.

Danger — Red Banner, see if the users would interact with a danger banner or understand it's phishing.

Additional Options

Bypass link rewriting — Simulation links stay intact so click tracking works. Note: Users may notice only simulation emails have unrewritten links.

Always deliver to Inbox — Overrides your delivery settings to ensure simulations reach the inbox even if they'd normally quarantine. Only applies if using INKY's Delivery Settings.

Do not attach raw messages to reports — Prevents ticketing systems from auto-clicking simulation links when processing user reports.

Send reports to different addresses — Route user reports of simulated phishing to a separate address (or nowhere) to keep them out of your SOC queue. Leave the email field empty to suppress notifications entirely.

KnowBe4 Phish Alert Integration

If you use KnowBe4's Phish Alert Button, enter your License Key from KnowBe4's Account Settings page. This enables two-way integration: INKY notifies KnowBe4 when users identify simulations via Report This Email, and forwards real phishing reports to your custom addresses configured in KnowBe4.

Supported Platforms

ACA Aponix, Adaptive Security, Arctic Wolf, Barracuda PhishLine, Beauceron Security, BreachSecure, BullPhish ID, Cofense PhishMe, Cyber Aware, CybeReady, CybSafe, Goldphish, Huntress Managed SAT (Formerly Curricula), INFIMA, Infosec IQ / PhishSim, INKY Security Awareness Training (Powered by Wizer), IRONSCALES, Keepnet Labs / NINJIO (old platform), KnowBe4, LUCY Security, MediaPRO, NINJIO, Phin Security, Phished (phished.io), PhishingBox, Phishing Tackle, Phishr, PIIGuard360, Proofpoint Wombat / ThreatSim, SANS Institute, Sophos Phish Threat, Symbol Security, Terranova Security, Trend Micro Phish Insight, usecure, Webroot, Wizer

Platform not listed? Select Custom and contact INKY support for configuration.