Before you begin the phishing and training campaign for your users, it is extremely important that you whitelist Right-Hand, in order to prevent our phishing security simulation emails and training notifications from being blocked, or filtered into your Spam folder.
Whitelisting Best Practices
Whitelisting Right-Hand depends on your IT environment. As a best practice, we recommend whitelisting our IP addresses in your mail server if you're not using a cloud-based spam filter.
Take into consideration the various products or services you may be using in your mail or web environment to prevent issues with deliverability. Contact us, if you require any assistance with this.
Also, please be aware that your mail server or mail filter may have rate limitations.
Rate limitations can slow or block the delivery of a phishing simulation when sending a large number of emails, at once.
Review your mail server or filter settings for its rate-limiting rules to ensure that the phishing test reaches your users' mailbox.
Although we do not recommend this, a potential workaround is to temporarily turn off rate limiting. If you do this, be sure to turn it back on as soon as the phishing emails have been delivered successfully.
Note: Conduct a preliminary test campaign yourself and 1-2 other users before you send a broader Phishing Simulation.
We recommend that you run at least one phishing campaign that is limited in scope to only one or two administrative users who can confirm receipt and tracking of clicks on phishing links.
This should be done before the baseline test and will help you confirm that our phishing emails are getting through any spam/firewall protection.
As soon as you are done with your preliminary test, you should delete or hide the campaign so that it will not interfere with your reports or risk score.
IP Addresses
Below is a list of our IP addresses that can be whitelisted.
IP Address | Service Description |
168.245.54.27 | Phishing Readiness / Onboarding/ Training |
52.76.252.34 | If the company is using a custom SMTP |
Phishing Readiness/Onboarding
If you are using Right-Hand SMTP details for your phishing simulations and training email, you are required to whitelist this IP in the following applications.
Gsuite (if applicable)
Outlook365 (if applicable)
Email Endpoint Solution (if applicable)
Firewall (if applicable)
SMTP
If you want to use your own SMTP settings and your SMTP server does not accept the external connection, you are required to whitelist this IP in your SMTP server and firewall.
Email Addresses
Below is a list of our sender emails which you can add to the safe sender list. You are expected to whitelist these emails in your Gsuite, Outlook 365, or Endpoint security solutions.
Email Address | Service Description |
Onboarding Emails | |
Notifications Emails |
Domain Names
Note: You can whitelist the domain names if you are using phishing simulations |
Right-Hand uses fifteen domains for its platforms and landing pages, it is recommended you whitelist these domains. You are expected to whitelist these domains in your firewall and Email endpoint security solutions.
Domain Name | Description |
right-hand.ai | Platform |
linktologin.com | Landing Pages |
ssotowebsite.com | Landing Pages |
linktosso.com | Landing Pages |
inbox-login.com | Landing Pages |
bankng-login.com | Landing Pages |
verified-login.com | Landing Pages |
authupdate.com | Landing Pages |
resetlogin.com | Landing Pages |
account-protect.me | Landing Pages |
discountOffer.com | Landing Pages |
grnaill.com | Landing Pages |
mailboxaccess.com | Landing Pages |
rnicrosoftlogin.com | Landing Pages |
linkdinapp.com | Landing Pages |
Configure Company SMTP Settings
SMTP settings will be used to send your company onboarding, training, and compliance assessment emails. There are a couple of ways how you can use these configurations.
1. Right-Hand Settings
If you do not have access to your company SMTP settings, you can use Right-Hand default settings. If you use this option, all the company emails will be sent using [email protected].
β
2. Your Company SMTP Settings
If you want to configure your company email as a sender email, you are required to fill in your company SMTP details. You need the following details to configure your own SMTP settings:
SMTP Host
Company Domain
Username
Password
Port
Authentication Type
Enable StartTLS
Once you have these details, you can follow the steps to configure your company SMTP.
Your employees can receive emails from either Right-Hand directly or from your customized email address.
Receive emails directly from Right-Hand: Enable the Enable/Disable toggle button in the Use Default Right-Hand CyberSecurity SMTP banner as shown below.
β
Customize your own settings: Disable the Enable/Disable toggle button in the Use Default Right-Hand CyberSecurity SMTP banner. A new Outgoing Mail Server Information section appears from which you can add your own details. Click Test Settings to validate your SMTP Settings. If you receive a success message, click Update to save your SMTP settings.
β
Your Company Sender Email using Right-Hand SMTP
If you want to use the Right-Hand SMTP server to send emails using your company email, you need to configure Right-Hand CNAME in your company DNS settings. Please contact your account manager to get those CNAME entries.