Riot in Trend Micro

Riot sends phishing test emails. Without the correct configuration, some of these emails would not pass the Trend Micro web filter, which would compromise your campaign statistics.

The following guide explains how to avoid this and ensure your test campaigns run smoothly.

Did you know? Unlike Riot, hackers would have no problem bypassing your spam filter by exploiting legitimate email servers, which Riot cannot afford to do.

Advanced Spam Protection

  1. Navigate to the Advanced Threat Protection tab > Add.
  2. Select the policy to create based on the service:
  3. Exchange OneDrive SharePoint Box Dropbox Google
  4. On the left, select Advanced Spam Protection.
  5. Check the Enable Advanced Spam Protection option.
  6. Select the Approved/Blocked Sender List section.
  7. Check the box next to the Enable the approved sender list option.
  8. Enter *@noreply.link and *@tryriot.com in the text field and click the Add > button.
  9. Select the Rules configuration section.
  10. Under the Apply to: drop-down, select the Incoming messages option.
  11. For Detection Level:, select the Medium option.

Malware Scanning

  1. On the left, select Malware Scanning.
  2. Select the Rules configuration section.
  3. Under the Apply to: drop-down, select the All messages option.
  4. Under Malware Scanning, select Scan all files and check the box next to Scan message body and Enable IntelliTrap.

  1. Select the Action configuration section.
  2. For Action:, select the Trend Micro recommend actions option from the drop-down.
  3. For Notification:, select the Notify option from the drop-down.

File Blocking

On the left, select File Blocking and select Enable File Blocking. We recommend keeping File Blocking on because you cannot limit this option to Riot messages. Turning off File Blocking could allow potentially malicious attachments through to your users.

Web Reputation

  1. On the left, select Web Reputation.
  2. Check the Enable Web Reputation option.
  3. Select the Rules configuration section.
  4. Under the Apply to: drop-down, select the All messages option.
  5. For Security Level:, select the Medium option.
  6. Select the Approved/Blocked URL List section.
  7. Check the box next to the Enable the approved URL list option.
  8. Check the box next to the Add internal domains to the approved URL list option.
  9. Enter the domains that have been generated for you by the platform and should be used in place of the placeholders domain1.com, domain2.com... . in the text field following the format:
domain1.com
domain2.com
domain3.com

Then, click the Add > button.