This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Credential Harvesting being stopped by Windows Defender SmartScreen

It's good but it's bad.

I've bypassed all domain and URL filtering successfully in Office 365/ATP. However, when a user clicks the link it's still getting caught by 

Windows Defender SmartScreen. It looks like any GPO settings are all or nothing and we certainly don't want to disable this across the entire domain.
 
Had anyone else ran into this issue. Credential harvesting campaigns are something we really want to start using.
 


This thread was automatically locked due to age.