CybSafe incident

Delay in PHISH delivery for Google Workspace customers

Minor Resolved View vendor source →

CybSafe experienced a minor incident on March 2, 2026 affecting CybSafe PHISH, lasting 73d. The incident has been resolved; the full update timeline is below.

Started
Mar 02, 2026, 11:40 AM UTC
Resolved
May 14, 2026, 12:28 PM UTC
Duration
73d
Detected by Pingoru
Mar 02, 2026, 11:40 AM UTC

Affected components

CybSafe PHISH

Update timeline

  1. monitoring Mar 02, 2026, 11:40 AM UTC

    We are aware of an issue affecting the delivery of CybSafe PHISH simulation emails for some customers using Google Workspace. This is due to a recent change in how Google handles inbound mail from our sending IP addresses, which may cause phishing simulation emails to be quarantined or flagged as spam. We have identified the cause and published updated allowlisting instructions for Google Workspace. If you are experiencing delivery issues, please follow our updated guide: https://help.cybsafe.com/en/articles/9464188-how-to-guide-phish-allowlisting-for-google We are also working on introducing Direct Mail Injection (DMI) as a longer-term solution that will remove the need for IP-based allowlisting entirely.

  2. monitoring May 14, 2026, 12:28 PM UTC

    We're now concluding this incident. We have Google direct mail injection available for all customers as appropriate. This can be configured within the platform, via integration page, this is linked below: https://app.cybsafe.com/settings/integrations/googleDmi

  3. resolved May 14, 2026, 12:28 PM UTC

    This incident has been resolved.