1. Ensure Delivery and Accuracy
Jericho Security’s Phishing Simulation emails are intentionally crafted to look suspicious, in order to effectively test your users’ security awareness. As a result, email security systems may sometimes block, quarantine, or inspect these emails.
To guarantee successful delivery and maintain the accuracy of your simulation results, we strongly recommend whitelisting Jericho Security’s emails, links, and attachments. This prevents email security tools from:
Blocking or flagging simulation emails as spam or phishing
Opening attachments in a sandbox environment
Inspecting and altering links, which could falsely trigger a “failure” even if users did not click
You should configure whitelisting in the following systems:
Email Providers (e.g., Microsoft 365, Google Workspace)
For both Spam and Phishing categories
Email Security Tools (e.g., ProofPoint, Mimecast, Abnormal Security, Microsoft Defender)
(Optional) Web Application Firewalls
In rare cases, firewalls may interfere with link tracking or access.
Use the information below to whitelist Jericho Security properly and ensure smooth operation of your phishing simulation campaigns.
Add the following IP ranges to your allow lists:
50.31.156.96/27 (Range: 50.31.156.96 – 50.31.156.127)
104.245.209.192/26 (Range: 104.245.209.192 – 104.245.209.255)
50.31.205.204/30 (Range: 50.31.205.204 – 50.31.205.207)
Jericho Security uses a variety of domains to send simulation emails. While new domains are frequently added in the platform, here is a current list for your convenience:
jrchscrty.com
0m365.com
do-not-click.net
statefarm.co.com
docsign.cloud
benefits.age.eu.com
age.eu.com
prime.age.eu.com
ship.us.org
global.ship.us.org
freight.ship.us.org
tion.com.co
founda.tion.com.co
collabora.tion.com.co
educa.tion.com.co
secur.ity.co.com
ity.co.com
productiv.ity.co.com
visibil.ity.co.com
ism.lat
optim.ism.lat
professional.ism.lat
ness.center
busi.ness.center
well.ness.center
ment.co.com
develop.ment.co.com
invest.ment.co.com
manage.ment.co.com
Important: The full list of available sending domains is visible within the Jericho Security platform when creating a campaign. Since new domains are added periodically, always ensure that any domains you select for your campaigns are whitelisted in your systems.
Employees are the users who will receive phishing simulation emails and training assignments.
There are three ways to add employees to the Jericho Security system:
Navigate to People & Groups in the platform.
Click Add Employee to manually enter a new user’s information.
Navigate to People & Groups.
Click Upload CSV to add multiple employees at once.
Important: Before uploading, download the Template CSVs provided in the system to ensure you format your file correctly.
Set up a SCIM Directory Integration to automatically sync employees from your directory provider.
We currently provide integration guides for:
Tip: Directory integrations are ideal for organizations that want to keep their employee list updated automatically.
Report Suspicious Emails
Empower your employees to take an active role in security by enabling them to report suspicious emails directly to Jericho Security.
Bonus: If an employee successfully reports a Jericho Security Phishing Simulation Email, it will be reflected positively in your dashboard and reports!
We offer easy-to-install reporting add-ons for the most popular email platforms:
Tip: Installing these add-ons helps reinforce security awareness while improving the accuracy of your phishing simulation metrics.Thoughts, comments, questions? Reach us at support@jerichosecurity.com.