-
Blocking More Obvious Phish – Attachment Filtering
One relatively easy way to block some categories of phishing email is to block the attachment type that is sent with some of these messages. For example, I have had a few of these recently: Hovering over the attachment I see the filename, and it ends .shtml. This attachment is for server-side HTML (SSI includes […]
-
More Frequent Quarantine Notifications in Exchange Online Protection
Available from the end of April 2023 there is now an option to increase the notification interval to end users about items in the quarantine. The Microsoft 365 Quarantine is at https://security.microsoft.com/quarantine and though this is a good link to add corporate intranets, its also a useful one for users to remember and bookmark. Up […]
-
Allowing “Phish” Training Emails in Exchange Online
With the introduction of “Secure by Default” in Exchange Online, where you used to add IPs and other settings such as allow-lists to allow your phish training emails to get through to your users this will no longer work, and shortly it will no longer work to bypass the Exchange Online filters using mail flow […]
-
Exchange Online Warning On Receipt Of New Email Sender
Released recently to no fanfare at all, Microsoft now has a SafetyTip that appears if you receive email from a first time recipient. Most often phish emails will come from an address you have never received email from before, and sometimes this email will try to impersonate people you communicate with or are internal to […]
-
Office 365 Advance Threat Protection Attachment Preview
It is now possible to preview attachments that Advanced Threat Protection (ATP) is currently in the process of checking. This was enabled on my tenant recently and so will come to all tenants soon. It was mentioned at Microsoft Ignite 2017. It looks like this. You get the email with the standard ATP attachment saying […]