
How to Get Google to Display Images for Phishing Campaigns: A 10-Step Comprehensive Guide


Phishing campaigns are essential for assessing organizational security awareness, but when a mail client such as Gmail blocks images, it undermines the realism of the simulation. The result is a banner that says “Images are not displayed. Display Images Below – Always Display Images for @.com”, a dead giveaway to recipients and a challenge for administrators.

If you’re struggling with this issue, here’s a detailed guide to help you ensure images in phishing campaigns display automatically in Gmail, enhancing the effectiveness of your security awareness testing.

Why Gmail blocks images in phishing campaigns

Gmail blocks external images by default to protect recipients from malicious content. When it does load them, it fetches them through its own image proxy service, which caches external images and controls how they are displayed. While this improves security, it disrupts phishing simulations by making the emails look less realistic.

To address this, administrators need to adjust settings and configurations to align Gmail’s security policies with the requirements of phishing campaign tools like Bullphish and Usecure.

Steps to get Google to display images automatically

1. Check and confirm whitelisting settings

Even if you’ve already whitelisted your campaign emails, verify that everything is configured correctly:

  • Add Trusted Senders: Ensure your phishing campaign’s sending domain and email addresses are included in the Google Workspace Admin Console’s allowlist.
  • Enable Trusted Sender Image Display: Ensure Gmail recognizes these senders as safe and displays their images automatically.

2. Disable image URL proxy

Gmail’s image proxy service caches images and can stop them from loading automatically. To work around this:

  • Go to the Google Admin Console.
  • Navigate to Apps > Google Workspace > Gmail > Spam, Phishing, and Malware.
  • Disable caching or proxying for your trusted domains if an option exists.

3. Optimize DNS records for image trust

Configure your DNS records to build Gmail’s trust in your emails.

  • SPF: Publish an SPF record that authorizes the mail servers allowed to send for your domain.
  • DKIM: Sign outgoing messages so receivers can verify they were not altered in transit and really came from your domain.
  • DMARC: Tell receiving providers how to handle mail that fails SPF and DKIM alignment, and where to send reports.
  • BIMI (Brand Indicators for Message Identification): While primarily for branding, this helps establish domain trust. Note that BIMI requires an enforcing DMARC policy (quarantine or reject), so it only applies once DMARC is fully in place.
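To check the records from step 3 before a campaign, the following added example (not from the original article) parses SPF and DMARC TXT records and reports the weaknesses a receiving provider would hold against the domain. The sample records and the domain example.test are constructed; in practice you would feed it the TXT records returned by a DNS lookup.

```python
import re
# Constructed sample TXT records for a hypothetical domain (not real DNS data).
SAMPLE_TXT = {
    "example.test": "v=spf1 ip4:192.0.2.10 include:_spf.mailer.example -all",
    "_dmarc.example.test": "v=DMARC1; p=quarantine; rua=mailto:dmarc@example.test; pct=100",
}
# One SPF term: optional qualifier, then a mechanism or modifier (RFC 7208 subset).
SPF_TERM = re.compile(r"^([+\-~?])?(all|ip4:\S+|ip6:\S+|include:\S+|exists:\S+"
                      r"|ptr(?::\S+)?|a(?:[:/]\S+)?|mx(?:[:/]\S+)?|redirect=\S+|exp=\S+)$", re.I)
LOOKUP_TERMS = ("include", "exists", "ptr", "a", "mx", "redirect")  # each costs a DNS lookup

def parse_spf(record):
    """Return the 'all' qualifier and DNS-lookup count of an SPF record, or raise."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    all_qualifier, lookups = None, 0
    for term in terms[1:]:
        m = SPF_TERM.match(term)
        if not m:
            raise ValueError("unknown SPF term: " + term)
        name = re.split(r"[:/=]", m.group(2).lower())[0]
        if name == "all":
            all_qualifier = m.group(1) or "+"
        elif name in LOOKUP_TERMS:
            lookups += 1
    return {"all": all_qualifier, "lookups": lookups}

def parse_dmarc(record):
    """Return DMARC tags as a dict; require v=DMARC1 and a valid p= policy."""
    parts = [p.strip() for p in record.split(";") if p.strip()]
    if not parts or parts[0].lower() != "v=dmarc1":
        raise ValueError("not a DMARC record")
    tags = {k.strip().lower(): v.strip() for k, v in (p.split("=", 1) for p in parts[1:] if "=" in p)}
    if tags.get("p") not in ("none", "quarantine", "reject"):
        raise ValueError("DMARC record needs p=none|quarantine|reject")
    return tags

def review_domain(domain, txt):
    """List the weaknesses a receiving provider is likely to hold against the domain."""
    spf = parse_spf(txt[domain])
    dmarc = parse_dmarc(txt["_dmarc." + domain])
    findings = []
    if spf["all"] in ("+", None):
        findings.append("SPF does not restrict senders (missing or +all)")
    if spf["lookups"] > 10:
        findings.append("SPF exceeds the 10-lookup limit and will fail with permerror")
    if dmarc["p"] == "none":
        findings.append("DMARC p=none: unauthenticated mail is only monitored, not acted on")
    return findings
```

An empty findings list for the sample domain means SPF ends in -all and DMARC enforces quarantine; a p=none or +all record is reported so it can be tightened before sending.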

4. Validate the image hosting server

Gmail evaluates where images are hosted. Follow these best practices:

  • Ensure all image URLs use HTTPS.
  • Host images on a trusted domain that matches your sending domain.
  • Avoid overly aggressive tracking parameters, which Gmail might flag as suspicious.
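As a pre-flight check for the three points above, here is an added example (not part of the original article) that scans an HTML campaign template for image references that Gmail is likely to distrust: non-HTTPS URLs, hosts outside the sending domain, and per-recipient tracking parameters. The sample template, the domain example.test and the list of tracking parameter names are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qs

# Query parameter names treated as per-recipient tracking; constructed list, adjust to taste.
TRACKING_PARAMS = {"utm_source", "utm_medium", "utm_campaign", "uid", "rid", "tracking_id"}

class ImageCollector(HTMLParser):
    """Collect the src attribute of every <img> tag in an HTML body."""
    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() == "img":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src)

def check_image_urls(html, sending_domain):
    """Return (url, reason) pairs for image references that violate the hosting rules."""
    collector = ImageCollector()
    collector.feed(html)
    problems = []
    for src in collector.sources:
        if src.startswith("cid:") or src.startswith("data:"):
            continue  # inline image (step 7): no external fetch, nothing to check
        url = urlsplit(src)
        if url.scheme != "https":
            problems.append((src, "not served over HTTPS"))
        host = url.hostname or ""
        if host != sending_domain and not host.endswith("." + sending_domain):
            problems.append((src, "host does not match sending domain " + sending_domain))
        tracked = TRACKING_PARAMS & set(parse_qs(url.query))
        if tracked:
            problems.append((src, "tracking parameters: " + ", ".join(sorted(tracked))))
    return problems

# Constructed sample campaign body, not a real template.
SAMPLE_HTML = """
<html><body>
<img src="https://img.example.test/logo.png" alt="logo">
<img src="http://img.example.test/banner.png">
<img src="https://cdn.other.example/pixel.gif?uid=1234&utm_campaign=q3">
<img src="cid:inline-logo">
</body></html>
"""
```

Running check_image_urls(SAMPLE_HTML, "example.test") flags the plain-HTTP banner once and the off-domain tracking pixel twice, while the matching-domain logo and the inline cid: image pass.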

5. Adjust Google Workspace policies for all users

Admins can configure Gmail to automatically display external images for all users in an organization:

  1. Go to the Google Admin Console.
  2. Navigate to Apps > Google Workspace > Gmail > User Settings.
  3. Enable the Always display external images option for the entire domain.

6. Review third-party phishing tool configurations

Phishing campaign tools like Bullphish and Usecure often have settings for image delivery in Gmail.

  • Ensure image URLs generated by these tools comply with Gmail’s security preferences.
  • Use vendor support to configure Google-specific image display options.

7. Embed images directly

If Gmail continues to block hosted images, consider embedding images directly in your email campaigns. Inline images bypass external URL checks and improve display consistency, at the cost of a larger message size.

8. Host images on Google Drive

Using Google Drive for image hosting can increase Gmail’s trust in the content, reducing the chance of images being blocked. Share images with public access and use Drive-generated links in your campaigns.

9. Educate users for real-world scenarios

If technical fixes don’t completely resolve the issue, educate users about the “Display Images” banner. Emphasize that this behavior is common for certain emails and is part of Gmail’s security.

10. Contact Google support

For persistent issues, reach out to Google Workspace support. Provide details about your phishing campaign setup and request assistance in resolving image display problems.

Conclusion: Strengthen your phishing campaigns with Medha Cloud

Addressing Gmail’s image display restrictions is critical for delivering realistic phishing simulations. By following these steps, you can enhance your campaigns and provide a more accurate test of your organization’s security awareness.

Need expert assistance in optimizing your phishing campaigns and securing your organization? Contact Medha Cloud today for tailored cybersecurity solutions that protect your business while promoting effective awareness training. Let us help you achieve a secure and informed workforce!

Reach us at:

  • India: +91 93536 44646
  • US: +1 646 775 2855
  • Website: www.medhacloud.com
  • Email: info@medhacloud.com
Benjamin Gbolaru
I'm Benjamin, a Microsoft 365 Specialist, helping small and large businesses deploy, configure, and secure M365 environments to maximize the benefits of Microsoft tools, with sound expertise in driving cloud adoption, identity and access management (IAM), security monitoring, system reliability, and proactive troubleshooting.
©Medha Cloud 2024. All rights reserved.