Skip to content
English
Sign in
Contact us
  • There are no suggestions because the search field is empty.

How do I allowlist the Moxso simulation landing page domain in Google Safe Browsing for Chrome

If you're using Google Chrome as your default browser, it may be necessary to allowlist our simulationlanding page.

Google Chrome's Safe Browsing may occasionally flag Moxso simulation domains as deceptive or involved in social engineering. When this happens, users see a warning page when they click a simulation link, which interrupts the simulation flow.

Screenshot 2026-05-20 at 10.43.52

This only applies to credential harvesting simulations that use a landing page. Simulations without landing pages don't trigger Safe Browsing warnings. You only need this configuration if you're running spearphishing simulations.

What you'll need

  • The domain to allowlist: authweb.co
  • Administrative access to one of the following, depending on your environment:
    • Entra ID or Intune (Windows 11)
    • Intune (macOS)
    • Google Admin Console (managed Chrome)

Windows 11 — via Entra ID or Intune

  1. Open the Entra ID Portal and go to Devices > Windows (or open the Intune Portal and go to Devices > Windows).
  2. Click Create > New Policy.
  3. Set Platform to Windows 10 and later and Profile type to Settings catalog.
  4. Name the profile (for example, Chrome Safe Browsing Allowlist — Moxso) and click Next.
  5. Under Configuration settings, click Add settings.
  6. Search for Safe Browsing and select Google Chrome Safe Browsing settings.
  7. Enable Configure the list of domains on which Safe Browsing will not trigger warnings.
  8. Add authweb.co and click Next.
  9. Complete Scope tags and Assignments, then review and create the profile.

macOS — via Intune

  1. Open the Intune Portal and go to Devices > Mac.
  2. Click Create > New Policy.
  3. Set Template to Custom.
  4. Name the profile (for example, Chrome Safe Browsing Allowlist — Moxso) and upload a ChromeSafeBrowsingAllowlist.xml file containing authweb.co.
  5. Assign the profile to the appropriate group, then review and create it.

Managed Chrome — via Google Admin Console

  1. Sign in to the Google Admin Console at admin.google.com.
  2. Go to Device Management > Chrome > Settings (the exact path may vary depending on your console version).
  3. Find the Safe Browsing policy section. It may be labelled Safe Browsing Allowlist, URL Exemptions, or Whitelist.
  4. Add authweb.co to the allowlist.
  5. Save and allow up to one hour for the policy to propagate.

Unmanaged devices

Chrome doesn't offer a per-domain Safe Browsing allowlist for individual users. For unmanaged devices, the only option is adjusting the overall Safe Browsing level in Settings > Privacy and security > Security, which isn't recommended at scale. If you're running simulations across your organisation, a managed policy is the right approach.

Verify the configuration

  1. On a test device, open a simulation link that uses authweb.co.
  2. Confirm that Chrome doesn't show a Safe Browsing warning.
  3. Confirm that the landing page loads correctly.