You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-office-365/attack-simulation-training-get-started.md
+1-4Lines changed: 1 addition & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -102,7 +102,7 @@ The following social engineering techniques are available:
102
102
103
103
-**How-to Guide**: A teaching guide that contains instructions for users (for example, how to report phishing messages).
104
104
105
-
<sup>\*</sup> The link can be a URL or a QR code. QR code support in Attack simulation training is currently in preview.
105
+
<sup>\*</sup> The link can be a URL or a QR code.
106
106
107
107
The URLs that are used by Attack simulation training are listed in the following table:
108
108
@@ -180,9 +180,6 @@ In simulations that use **Credential Harvest** or **Link in Attachment** social
180
180
181
181
The best training experience for simulated phishing messages is to make them as close as possible to real phishing attacks that your organization might experience. What if you could capture and use harmless versions of real-world phishing messages that were detected in Microsoft 365 and use them in simulated phishing campaigns? You can, with _payload automations_ (also known as _payload harvesting_). To create payload automations, see [Payload automations for Attack simulation training](attack-simulation-training-payload-automations.md).
182
182
183
-
> [!TIP]
184
-
> QR code payloads are currently in Preview, aren't available in all organizations, and are subject to change.
185
-
186
183
Attack simulation training also supports using QR codes in payloads. You can choose from the list of built-in QR code payloads, or you can create custom QR code payloads. For more information, see [QR code payloads in Attack simulation training](attack-simulation-training-payloads.md#qr-code-payloads).
Copy file name to clipboardExpand all lines: defender-office-365/attack-simulation-training-insights.md
+2-5Lines changed: 2 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -281,9 +281,6 @@ For more information about the **Users** and **Details** tabs, see the following
281
281
282
282
### Reporting for QR code simulations
283
283
284
-
> [!TIP]
285
-
> QR code payloads are currently in Preview, aren't available in all organizations, and are subject to change.
286
-
287
284
You can select QR code payloads to use in simulations. The QR code replaces the phishing URL as the payload that's used in the simulation email message. For more information, see [QR code payloads](attack-simulation-training-payloads.md#qr-code-payloads).
288
285
289
286
Because QR codes are a different type of a phishing URL, user events around read, delete, compromise, and click events remain the same. For example, scanning the QR code opens the phishing URL, so the event is tracked as a click event. The existing mechanisms for tracking compromise, deletes, and report events remain the same.
@@ -426,7 +423,7 @@ When you export information from the reports, the CSV file contains more informa
426
423
|EmailLinkClicked_Browser|The web browser that was used to click the link payload in **Credential Harvest**, **Link to Malware**, **Drive-by-url**, and **OAuth Consent Grant** simulations. This information comes from UserAgent.|
427
424
|EmailLinkClicked_IP|The IP address where the link payload was clicked in **Credential Harvest**, **Link to Malware**, **Drive-by-url**, and **OAuth Consent Grant** simulations. This information comes from UserAgent.|
428
425
|EmailLinkClicked_Device|The device where the link payload was clicked in **Credential Harvest**, **Link to Malware**, **Drive-by-url**, and **OAuth Consent Grant** simulations. This information comes from UserAgent.|
429
-
|EmailLinkClicked_ClickSource|Whether the payload link was selected by clicking on a URL or scanning a QR Code in **Credential Harvest**, **Link to Malware**, **Drive-by-url**, and **OAuth Consent Grant** simulations. Values are `PhishingURL` or `QRCode`. QR code support is currently in Preview.|
426
+
|EmailLinkClicked_ClickSource|Whether the payload link was selected by clicking on a URL or scanning a QR Code in **Credential Harvest**, **Link to Malware**, **Drive-by-url**, and **OAuth Consent Grant** simulations. Values are `PhishingURL` or `QRCode`.|
430
427
|CredSupplied_TimeStamp(Compromised)|When the user entered their credentials.|
431
428
|CredSupplied_Browser|The web browser that was used when the user entered their credentials. This information comes from UserAgent.|
432
429
|CredSupplied_IP|The IP address where the user entered their credentials. This information comes from UserAgent.|
@@ -472,7 +469,7 @@ How user activity signals are captured is described in the following table.
472
469
|Deleted message|The user deleted the message.|The signal comes from the Outlook activity of the user. If the user reports the message as phishing, the message might be moved to the Deleted Items folder, which is identified as a deletion.|
473
470
|Permissions granted|The user shared permissions in an **OAuth Consent Grant** simulation.||
474
471
475
-
¹ The clicked link can be a selected URL or a scanned QR code (QR code support in Attack simulation training is currently in Preview).
472
+
¹ The clicked link can be a selected URL or a scanned QR code.
Copy file name to clipboardExpand all lines: defender-office-365/attack-simulation-training-simulations.md
+1-4Lines changed: 1 addition & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -54,7 +54,7 @@ On the **Select technique** page, select an available social engineering techniq
54
54
-**OAuth Consent Grant**<sup>\*</sup>
55
55
-**How-to Guide**<sup>\*</sup>
56
56
57
-
<sup>\*</sup> This social engineering technique allows you to use QR codes (currently in Preview). For more information, see the [QR code simulations and training](#qr-code-simulations-and-training) section later in this article.
57
+
<sup>\*</sup> This social engineering technique allows you to use QR codes. For more information, see the [QR code simulations and training](#qr-code-simulations-and-training) section later in this article.
58
58
59
59
If you select the **View details** link in the description, a details flyout opens that describes the technique and the simulation steps that result from the technique.
60
60
@@ -632,9 +632,6 @@ Back on the **Simulations** tab, the simulation that you created is now listed.
632
632
633
633
## QR code simulations and training
634
634
635
-
> [!TIP]
636
-
> QR code payloads are currently in Preview, aren't available in all organizations, and are subject to change.
637
-
638
635
You can select payloads with QR codes to use in simulations. The QR code replaces the phishing URL as the payload that's used in the simulation email message in the following social engineering techniques:
0 commit comments