Whitelist by Google Safe Browsing

The Phriendly Phishing domains used in our phishing simulations are occasionally flagged by Google's Safe Browsing feature, which classifies them as malicious, social engineering, phishing, or deceptive login pages.

Once a domain does appears in Google's Safe Browsing list, a warning banner appears when the phishing or training link are clicked. This then prevents your Learners from navigating to the landing page. 

Implementing a Safe Browsing whitelist which includes our training, simulation domains and URLs, ensures your training and phishing simulations are not impacted by Google's Safe Browsing feature nor will your Learners be presented with warning messages. The Safe Browsing whitelist works across various platforms for the Chrome browser including Windows, macOS, and Chrome-based Operating Systems.

What are the System Requirements for Safe Browsing Whitelisting?

Below pre-requisites were obtained from Google's Safe Browsing Allowlist Domains article.

How to set-up Safe Browsing Whitelisting for Windows?

To whitelist by Google Safe Browsing on Windows devices, you need to use a Group Policy Object (GPO) deployed via Microsoft AD. See below steps on how to whitelist.

1. Download the Chrome ADMX templates. To access these templates, refer to Google's Set Chrome Browser policies on managed PCs article and go to the Windows section.
2. Install the ADMX templates on the domain controller. The ADMX templates will then be available to assign via GPO.
3. In the GPO Editor, navigate to Computer Configuration → Administrative Templates → Google → Google Chrome → Safe Browsing Settings → Configure the list of domains on which Safe Browsing will not trigger warnings.
4. Under setting configuration, select Enabled. Then, select Show to see the list for configuration.
5. Add the Phriendly Phishing root Domains.
6. Click OK, then Apply.
7. Click OK again.
8. Restart your Chrome browser, navigate to Chrome://Policy to verify the policy was installed successfully.

How to set-up Safe Browsing Whitelisting for macOS?

To whitelist by Google Safe Browsing on macOS devices, edit any existing Google Chrome .plist files that are already pushed to your endpoints. The edited .plist files will need the entries outlined in Step 2 below. A new policy can also be created to push via your MDM solution. See steps below:

1. Create a .plist file and open it in the editor of your choice. You can use the sample file attached here: Sample File
2. Edit the entries in the .plist file to list the Phriendly Phishing root Domains. Each root domain is a <string> entry in the <array>, which is listed under the <key>Safe BrowsingAllowlistDomains</key> entry.
3. Save the .plist file and use a converter, e.g. mcxToProfile, to convert this file into a system policy.
4. Deploy the policy to the machine via MDM.
5. Restart your Chrome browser, navigate to Chrome://Policy to verify the policy was installed successfully.

How to set-up Safe Browsing Whitelisting for Chrome-based Operating Systems?

To whitelist by Google Safe Browsing on Chrome-based devices, modify the settings per below guide in your Google Workspace Admin Console

1. Navigate to Devices → Chrome → Settings → Users & browsers → Safe browsing allowed domains.
2. Add the root domains from the Phishing simulation links and URL. 
3. Click Save
4. Restart your Chrome browser, navigate to Chrome://Policy to verify the policy was installed successfully.