Microsoft Attack Simulation - target users of multiple groups

Question

Hello everyone,

I would like to create a custom phishing simulation targeting people belonging to the "sales" team. I thought I can use the keyword "sales" to look for all the groups with such name in our AzureAD however we have multiple groups and some users are in more than one of the target groups in our very complex environment.

Here my question: if we run the simulation the people in more than one of the target group will they receive only one email simulating the phishing attack or one email per group in which they belong?

Seams logic to me they will get only one email but I can't find the specific documentation stating exactly this.
Thanks for everyone answering my question.

Answer 1

In a Microsoft Attack Simulation, if a user belongs to multiple target groups, they will receive only one email simulating the phishing attack, regardless of the number of groups they belong to. The simulation is typically designed to target individual users, not duplicate emails based on their group memberships.

Although I couldn't find specific documentation that explicitly states this behavior, it aligns with common practices in phishing simulations and is logical from a user experience perspective. Receiving multiple phishing emails for being a member of multiple groups would likely lead to confusion and potentially skew the results of the simulation.

It's always a good practice to review the specific settings and configurations in your AzureAD or the Microsoft Attack Simulation tool you're using to ensure that the simulation behaves as intended and aligns with your organization's requirements. If you have further concerns or need more specific guidance, it's recommended to consult the official Microsoft documentation or reach out to Microsoft support for assistance.