Microsoft Defender for Office 365
In addition to our existing anti-malware and anti-spam products, Queen’s is introducing a new solution for Office 365. This will add some additional features to protect users from malware, phishing and spam emails.
The Safe Attachments feature performs additional scans on attachments in emails to check them for malware before delivery to recipients. If malware is detected in an email, it will be quarantined where it can be examined and/or released by administrators.
If scans detect that an email is malicious after it’s delivered, the email may be removed the recipient’s mailbox and quarantined.
The Safe Links feature scans URLs (links) in emails before they’re delivered, as well as when a recipient clicks on a URL in an email. The scans are designed to detect malicious links, such as links to malware or phishing sites.
Safe links can be identified by hovering over a link in an email. Safe links begin with this text:
For example, https://www.qub.ac.uk will be re-written as
If you click on a link which has been identified as malicious, the URL will be blocked, and you will see a warning that the link has been identified as malicious similar to these:
The anti-phishing feature protects users from phishing attacks which pretend to be from other staff within the University – known as spoofing. When emails are detected as having a falsified sender, they will either be quarantined or move d to the Junk Mail folder, depending on the likelihood that the sender is falsified. This protection is also applied to senders which spoof the qub.ac.uk domain.
The anti-phishing feature also adds some additional Safety Tips to Outlook and Outlook Web Access (OWA). These will appear at the top of an email when it has been detected as potentially deceptive. Examples of messages are:
'This sender appears similar to email@example.com , who previously sent you an email, but might not be that person'
'This sender might be impersonating a domain that’s associated with your organization'
'The email address MARY@CoNToSO.CoM includes unexpected letters or numbers. We recommend you don’t interact with this message'