If users cannot navigate properly when clicking on the link of a simulation, it is likely that the URL is being blocked by the organization's security tools (firewall, proxy, antivirus, etc.).
Why does this happen?
Phishing simulations use SMARTFENSE's own browsing domains.
If these domains are not allowed in the client's infrastructure, access may be blocked when trying to open the link.
How is the phishing URL formed?
The URL is composed of:
The instance subdomain (for example: tenant of tenant.takesecurity.com)
A SMARTFENSE browsing domain (for example: updates-app.com)
Example: tenant.updates-app.com
How to fix it?
Recommended option
Allow browsing to the domains used by SMARTFENSE.
You can find the complete list at:
Settings > Security > Whitelist in the section: Domains for web browsing
Alternative option (more controlled)
If you do not want to allow the entire list of domains, you can:
Choose a specific domain (for example:
updates-app.com)Allow that domain in the client's security tools
Configure the campaign to use that domain
How to configure a specific domain in a campaign?
Go to Campaigns > Calendar / Campaign list
Create a New Phishing campaign
Enter More options
Configure the campaign normally
In the Advanced section:
Select Use custom URL
Choose the desired domain
The platform will show a URL preview, which must be allowed in the client's environment.
Considerations
If the domain is not allowed, the user will not be able to access the site
The blocking depends on the organization's security policies
It is recommended to validate access before launching the campaign
💡 Best practices
Predefine the domain to use in the campaign
Validate access from the client's network before sending
Properly configure the whitelist to avoid blocks