Skip to Content

Microsoft Defender

Microsoft Defender for Office 365

In addition to our existing anti-malware and anti-spam products, Queen’s is introducing a new solution for Office 365. This will add some additional features to protect users from malware, phishing and spam emails.

Safe Attachments

The Safe Attachments feature performs additional scans on attachments in emails to check them for malware before delivery to recipients. If malware is detected in an email, it will be quarantined where it can be examined and/or released by administrators.

If scans detect that an email is malicious after it’s delivered, the email may be removed the recipient’s mailbox and quarantined.

Safe Links

The Safe Links feature scans URLs (links) in emails before they’re delivered, as well as when a recipient clicks on a URL in an email. The scans are designed to detect malicious links, such as links to malware or phishing sites.

Safe links can be identified by hovering over a link in an email. Safe links begin with this text:

For example, will be re-written as

If you click on a link which has been identified as malicious, the URL will be blocked, and you will see a warning that the link has been identified as malicious similar to these:

 Malicious Site

Suspicious Message


The anti-phishing feature protects users from phishing attacks which pretend to be from other staff within the University – known as spoofing. When emails are detected as having a falsified sender, they will either be quarantined or move d to the Junk Mail folder, depending on the likelihood that the sender is falsified. This protection is also applied to senders which spoof the domain.

The anti-phishing feature also adds some additional Safety Tips to Outlook and Outlook Web Access (OWA). These will appear at the top of an email when it has been detected as potentially deceptive. Examples of messages are:

'This sender appears similar to , who previously sent you  an email, but might not be that person'

'This sender might be impersonating a domain that’s associated with your organization'

'The email address MARY@CoNToSO.CoM includes unexpected letters or numbers. We recommend you don’t interact with this message'



  • What impact will this have on my email?

    Typically there will be no impact on your email. Emails may be subject to a very brief delay before delivery while they are scanned. If there is no malicious content in an email, your experience will be no different than it has been previously.

  • What services are protected by Defender for Office 365?

    At the moment, only email is protected by Defender for Office 365. Other systems, such as SharePoint, OneDrive, Teams and your PC are not covered by Defender for Office 365, and you should continue to exercise caution when clicking links or opening files.

  • What should I do if I see the Safe Links or anti-phishing warning?
  • Are my emails and attachments viewed by anyone at Queen’s?

    No, this is an automated process, and there is no manual checking of emails, attachments or URLs.

  • What if a site or link is blocked in error?