Self-Service Setup
Steps
1. Ensure Delivery and Accuracy
Ensuring Delivery and Accuracy
Jericho Security’s Phishing Simulation emails are intentionally crafted to look suspicious, in order to effectively test your users’ security awareness. As a result, email security systems may sometimes block, quarantine, or inspect these emails.
To guarantee successful delivery and maintain the accuracy of your simulation results, we strongly recommend whitelisting Jericho Security’s emails, links, and attachments. This prevents email security tools from:
-
Blocking or flagging simulation emails as spam or phishing
-
Opening attachments in a sandbox environment
-
Inspecting and altering links, which could falsely trigger a “failure” even if users did not click
Where to Whitelist
You should configure whitelisting in the following systems:
-
Email Providers (e.g., Microsoft 365, Google Workspace)
For both Spam and Phishing categories
-
Email Security Tools (e.g., ProofPoint, Mimecast, Abnormal Security, Microsoft Defender)
-
(Optional) Web Application Firewalls
In rare cases, firewalls may interfere with link tracking or access.
Use the information below to whitelist Jericho Security properly and ensure smooth operation of your phishing simulation campaigns.
Whitelisting Information
IP Ranges for Email Servers
Add the following IP ranges to your allow lists:
-
50.31.156.96/27 (Range: 50.31.156.96 – 50.31.156.127)
-
104.245.209.192/26 (Range: 104.245.209.192 – 104.245.209.255)
-
50.31.205.204/30 (Range: 50.31.205.204 – 50.31.205.207)
Domains Used for Sending Phishing Simulation Emails
Jericho Security uses a variety of domains to send simulation emails. While new domains are frequently added in the platform, here is a current list for your convenience:
jrchscrty.com
0m365.com
do-not-click.net
statefarm.co.com
docsign.cloud
benefits.age.eu.com
age.eu.com
prime.age.eu.com
ship.us.org
global.ship.us.org
freight.ship.us.org
tion.com.co
founda.tion.com.co
collabora.tion.com.co
educa.tion.com.co
secur.ity.co.com
ity.co.com
productiv.ity.co.com
visibil.ity.co.com
ism.lat
optim.ism.lat
professional.ism.lat
ness.center
busi.ness.center
well.ness.center
ment.co.com
develop.ment.co.com
invest.ment.co.com
manage.ment.co.com
Important: The full list of available sending domains is visible within the Jericho Security platform when creating a campaign. Since new domains are added periodically, always ensure that any domains you select for your campaigns are whitelisted in your systems.
Adding Employees to Jericho Security
Employees are the users who will receive phishing simulation emails and training assignments.
There are three ways to add employees to the Jericho Security system:
1. Manually Add an Employee
Navigate to People & Groups in the platform.
Click Add Employee to manually enter a new user’s information.
2. Bulk Upload via CSV File
Navigate to People & Groups.
Click Upload CSV to add multiple employees at once.
Important: Before uploading, download the Template CSVs provided in the system to ensure you format your file correctly.
3. Integrate Your Directory with SCIM
Set up a SCIM Directory Integration to automatically sync employees from your directory provider.
We currently provide integration guides for:
Tip: Directory integrations are ideal for organizations that want to keep their employee list updated automatically.
Report Suspicious Emails
Empower your employees to take an active role in security by enabling them to report suspicious emails directly to Jericho Security.
Bonus: If an employee successfully reports a Jericho Security Phishing Simulation Email, it will be reflected positively in your dashboard and reports!
We offer easy-to-install reporting add-ons for the most popular email platforms:
Tip: Installing these add-ons helps reinforce security awareness while improving the accuracy of your phishing simulation metrics.Thoughts, comments, questions? Reach us at support@jerichosecurity.com.