Cybermate Admin Control Centre

Welcome to the Cybermate Admin Control Centre

Your dedicated space for managing Cybermate’s user access, phishing simulations, and testing cycles.

 

Add & Manage Users – Stay in Control

Effortlessly manage your team’s access by adding new users under “Menu” > “Users”. From this section, admins can:

 

• Invite new team members to participate in security training via a simple CSV file
• Update user roles and permissions for enhanced control
• Remove inactive users to keep the platform streamlined 

• SSO & EntreID Enabled – Simply approve the Cybermate SSO URL and all staff can access Cybermate via the Microsoft tab on the login screen in one easy click

 

Ensure Cybermate Phishing Emails Are Received – Prevent Firewall Blockages

Phishing emails often contain deceptive links designed to trick recipients into providing sensitive information. To ensure users receive essential phishing simulations and that firewalls do not block Cybermate Phishing email delivery, admins must allow-list the following email domains:

 

• @cybermate.com.au
• @yourcybermate.com.au
• @customer-service.com.au
• @account-support.com.au
• @login-account-alert.com
• @secure-google-alert.com

 

Allow-listing these domains guarantees that Cybermate platform emails and our phishing simulation emails reach users as intended, helping reinforce cybersecurity awareness and training.

 

Instructions for Microsoft 365 (Exchange Online Protection)

If your organisation uses Microsoft 365 (Outlook/Exchange), we recommend adding Cybermate domains to the Tenant Allow/Block List, as this is the most secure and effective method.

 

Step-by-Step (Microsoft 365 Defender Portal)

1. Go to Microsoft 365 Defender Portal
   
2. Navigate to: Email & Collaboration > Policies & Rules > Threat Policies
3. Select Tenant Allow/Block List
4. Under the “Allow” tab, click “+ Add”
5. Add the following domains one by one:

• • @cybermate.com.au
  • @yourcybermate.com.au
  • @customer-service.com
  • @account-support.com.au
  • @login-account-alert.com
  • @secure-google-alert.com

 

6. Save the changes

These entries help ensure Cybermate simulation and training emails are not mistakenly flagged as spam or phishing by Microsoft’s filtering systems.

 

Alternative Method: Mail Flow Rule (Transport Rule)

If the above is not possible, IT admins may create a mail flow rule:

• • Go to: Exchange Admin Center
    
  • Navigate to: Mail Flow > Rules > + Add a rule
  • Set the rule name: e.g., “Bypass spam filtering for Cybermate”
  • Conditions:

• • Sender domain is one of the Cybermate domains listed above
  • The message header includes:

• • Header name: Authentication-Results
  • Header values: dmarc=pass OR dmarc=bestguesspass

• • Actions:

• • Set spam confidence level (SCL) to bypass spam filtering
  • Add custom header (e.g., X-ETR: Cybermate Trusted Sender)

• • Save the rule

Never create rules that bypass spam filtering based solely on sender domain. Always verify DMARC authentication to reduce spoofing risk.

 

Other Email Systems (Gmail, Mimecast, etc.)

If your organisation uses Google Workspace or other security platforms, consult your provider’s documentation or IT admin to:

• • Add the domains above to your email allow list or firewall.
  • Ensure spam/phishing filters don’t block emails from Cybermate.
  • Add exceptions or trusted rules if available.

If needed, we can provide tailored whitelisting guides for Google Workspace or any third-party filters.

 

How to Send a Simulated Phishing Email with Cybermate

Step 1: Allowlist Cybermate Domains – Before you begin, make sure your IT team has allowlisted Cybermate’s email domains. This ensures simulation emails land in inboxes and aren’t blocked or flagged.

 

Step 2: Start the Simulation. From the Cybermate admin dashboard, select Send Phishing Email.

 

Step 3: Choose “Send Email”. This opens the campaign setup screen.

 

Step 4: Select Your Company. Confirm the organisation the simulation is being sent from.

 

Step 5: Choose Your Recipients. Select the user group or individuals you want to include in the simulation.

 

Step 6: Pick a Template. Choose a phishing email template from the library, or customise your own.

 

Step 7: Add a Subject Line. Admins can personalise this to suit the scenario (e.g. “Urgent Invoice” or “Staff Survey Reminder”).

 

Step 8: Set the “From Name”. This is the name that appears in the sender field, usually a brand or department (e.g. “Finance Team” or “HR Portal”).

 

Step 9: Set the “Before Email Name”. This is the display name before the email address, typically the same brand or organisation.

 

Step 10: Choose a Sending Domain. Select from 4–6 available email domains to help simulate unfamiliar or external senders.

 

Step 11: Preview the Email. Click the eye icon to check how the email will appear to recipients.

 

Step 12: Submit the Campaign. Once everything looks good, hit Submit to launch the simulation.

 

Reset the Platform – Stay Ahead of Security Challenges

Admins can reset the platform anytime under “Settings” in the menu, ensuring users retake their security tests and stay prepared for evolving threats. Choose from:

 

• Manual Reset – Trigger an immediate reset at your discretion, prompting all users to retake their assessments.
• Leave it to us – Automatic Reset – Let Cybermate handle it, periodically refreshing the testing cycle and notifying users via email.

Every reset keeps users vigilant and enhances security awareness across your organisation.

With full control over user access, phishing simulations, and platform resets, admins play a key role in maintaining a secure and informed digital environment.