Cyber Guru 2.0 Help Center
Contact us
Home
Getting Started
Company Admin Manual
Whitelisting & Report
Microsoft 365
Whitelisting

Forwarding with Power Automate with Dedicated Web License Account:

Edited

Microsoft Guide: https://learn.microsoft.com/it-it/power-automate/get-started-logic-flow

In the box set up to receive reports, it is necessary to create a process using the Microsoft Power Automate Cloud flow function, aimed at routing the reported message according to this logical scheme:

We have implemented a Power Automate configuration for the "Report Phishing" button.

The logic of the rule applied to Power Automate for the button to function is explained in the previous image.

The logic is as follows:

"When an email arrives in" the selected "INBOX" box,

- if the condition "client-ip=95.110.231.245" or "CGRE: en2358nfwf348fnw932jdo4fe4rrewffd" or "client-ip=85.235.135.191" is true:

The email is forwarded to the folder set by the user.

- If it is false:

No action is taken."

N.B. Obviously, this rule is purely an example. Both the condition and the action are fully customizable based on the company's needs.

To configure Power Automate, follow these steps:

1. Go to the link https://make.powerautomate.com/ and select "Automated cloud flow"

2. Enter Flow Name

Enter "when a new mail" in the search field and then select "When a new mail arrives (V3) Office 365 Outlook"

Click "Create"

3. Select the "Inbox folder" and click on "Next"

4. Select "Condition Control"

5. Enter the condition as indicated in the figure and click "Add an action" in the "If yes" section

Set the condition to "OR" and the data to be entered in the first row after "contains" is: CGRE: en2358nfwf348fnw932jdo4fe4rrewffd

By clicking on "New item," select "Add row" to enter additional rows

The 2nd data to be entered in the right part of "Contains" is: client-ip=95.110.231.245

The 3rd data to be entered in the right part of "Contains" is: client-ip=85.235.135.191

6. Select "Forward an email (V2)"

7. Select "Add dynamic content," search for "message" in the search field and select "Message ID"

8. Enter the report email in the "To" field as shown in the example in the figure

Email to enter in the "To" field: defenders@cyberguru.report

9. Click on "Save"

Disclaimer