Skip to main content

Google Safe Browsing Allowlist

Sebastian Salla
Updated

The phishing website domains that are used by CanIPhish are occasionally flagged by Google Safe Browsing lists, which classify them as malicious, social engineering, phishing, or deceptive login pages.

CanIPhish works to ensure these domains don't appear on Safe Browsing Lists, however, once a domain does appear here, a warning banner would be shown when the phishing link is clicked. Accordingly, this may negatively impact phishing tests, even if the domain is only blocked for a short duration.

By implementing this Safe Browsing allowlist, you'll ensure your phishing simulations are never impacted by Google's Safe Browsing feature. This allowlist works across various platforms for the Chrome browser. Namely: Windows, macOS, and Chrome-based Operating Systems.

All guidance provided below has been taken from Google's official Safe Browsing Allowlist article.

Allowlisting Prerequisites

The following prerequisites must be met to deploy the Google Safe Browsing Allowlist.

  • Windows Operating System:
    • Endpoints must be joined to a Microsoft Active Directory (AD) domain.
    • Endpoints must be running Windows 10/11 Pro/Enterprise.
    • Endpoints must be enrolled in Chrome Browser Cloud Management.
  • macOS Operating System:
    • Endpoints must be managed via an MDM
    • Endpoints must be joined to a domain via MCX.
  • Chrome Operating System:
    • No prerequisites

Setup Google Safe Browsing Allowlist on Windows

To allowlist Google Safe Browsing on Windows devices, you need to use a Group Policy Object (GPO) that's deployed via Microsoft AD. Follow the below steps to apply the allowlist:

  1. Download the Chrome ADMX templates. To access these templates, see Google's Set Chrome Browser policies on managed PCs article and traverse to the Windows section.
  2. Install the ADMX templates on the domain controller. The ADMX templates will then be available to assign via GPO.
  3. Within the GPO Editor, navigate to Computer Configuration → Administrative Templates → Google → Google Chrome → Safe Browsing Settings → Configure the list of domains on which Safe Browsing will not trigger warnings.
  4. Within the setting configuration, select Enabled. Then, select Show to see the list for configuration.
  5. Add the root phishing website domains used by CanIPhish (i.e. the following):
    authwebmail.com
    cmail31.com
    securesupportcloud.com
    webnotifications.net
    alerting-services.com
  6. Click OK, then click Apply.
  7. Click OK again.
  8. Restart your Chrome browser, navigate to Chrome://Policy to verify the policy was installed successfully.

Setup Google Safe Browsing Allowlist on macOS

To allowlist Google Safe Browsing on macOS devices, you will need to edit any existing Google Chrome .plist files that are already pushed to your endpoints. The edited .plist files will need the entries outlined in Step 2 below. A new policy can be created to push via your MDM solution. Follow the below steps to apply the allowlist:

  1. Create a .plist file and open it in the editor of your choice. You can use the sample file attached here: Sample File
  2. Edit the entries in the .plist file to list the root phishing website domains used by CanIPhish (shown below). Each root domain is a <string> entry in the <array>, which is listed under the <key>Safe BrowsingAllowlistDomains</key> entry:
    authwebmail.com
    cmail31.com
    securesupportcloud.com
    webnotifications.net
    alerting-services.com
  3. Save the .plist file and use a converter, such as mcxToProfile, to convert this file into a system policy.
  4. Deploy the policy to the machine via MDM.
  5. Restart your Chrome browser, navigate to Chrome://Policy to verify the policy was installed successfully.

Setup Google Safe Browsing Allowlist on Chrome-based Devices

To allowlist Google Safe Browsing on Chrome-based devices, you will need to modify the settings outlined below in your Google administrator console:

  1. Open your Google Admin Portal.
  2. Navigate to Devices → Chrome → Settings → Users & browsers → Safe browsing allowed domains.
  3. Add the root phishing website domains used by CanIPhish (i.e. the following):
    authwebmail.com
    cmail31.com
    securesupportcloud.com
    webnotifications.net
    alerting-services.com
  4. Click Save.
  5. Restart your Chrome browser, navigate to Chrome://Policy to verify the policy was installed successfully.

Related articles

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk