Office 365 Anti Phishing

Microsoft Office 365 has nearly 60 million end users worldwide. Not only is it the most popular Office suite package, but it is properly equipped to cater to most businesses.

Even though Windows is a big brand, the software is still prone to hacking and phishing attacks. Today, we will look at the information you need to know regarding Office 365 phishing protection and attacks. This will enable you to ward off cyber attacks more easily.

Office 365 Phishing Attacks

Phishing attempts against Microsoft 365 are common because the large number of users increases the chances of success for hackers.

Since most businesses make use of the software, phishing attacks can allow hackers to get their hands on secret or confidential information.

Cyber attackers use sophisticated ways to fool email recipients into handing over login credentials/data. Therefore, knowing what a phishing email looks like can prevent employees/business owners from coming under fire.

Phishing Attack Email Examples

Let us look at some common examples of phishing emails/incoming emails below:

Non-delivery Emails

Phishing emails that show up as undelivered and have ‘send again or retry’ links are fake. This scam is common as most people send a couple of emails daily, so differentiating between fake and real emails is difficult.


These attacks are geared towards the basic phishing defense protocols in Microsoft Office 365. A legitimate file is used to get past the system. The file contains a malicious link and is shared through collaboration tools (example: SharePoint).

Storage Limit Alerts

A fake warning says that you have reached the storage limit for Office 365. You may be asked to re-enter your credentials to activate the quota/limit to fix the issue.

Reactivation Request

Phishing emails asking for reactivation with a link and a fake login page are used in this attack. Once the user enters their credentials, they are stolen and used to launch a full-fledged attack.

Office 365 Phishing Attack History

AppRiver, a cybersecurity company, reports that nearly 100 million phishing emails were sent to users of Office 365 in 2017. These numbers only increased in the following years. Therefore, businesses must strengthen their security protocols to keep data safe and secure.

Advanced Threat Protection For Office 365

Microsoft Office 365 ATP (Advanced Threat Protection) or Office 365 anti-phishing is a security solution that is part of the software and its services like a partner program.

ATP scans incoming mail and detects spoofing, malicious links, and malware. Anything that comes across as a phishing attempt is immediately blocked, and the email will fail to reach the inbox.

Enabling Phishing Protection

Office 365 ATP does not exactly need to be enabled. Subscribed users can automatically avail of this service while running Office programs.

However, the Office 365 ATP options are flexible and can be changed based on user needs.

Office 365 Policies For ATP

Office 365 ATP allows a global or security administrator to select anti-phishing policies based on a company’s needs. These include:

  • Selecting trusted senders/domains.
  • Picking preventive measures against phishing emails. Users can pick between quarantine, move to the junk folder, add anti-phishing tips, redirect, deliver, or no action.
  • Select users/domains you wish to protect.
  • Turn mailbox intelligence on or off.
  • Pick options from advanced phishing thresholds.

Advanced Thresholds In ATP

Office 365 anti-phishing ATP not only allows users to select options/policies to promote phishing protection, but it also allows users to set certain thresholds.

Advanced options include handling suspicious emails moderately, intensely, or rigorously, based on the set thresholds.

Aggressive settings are not always the most suitable choice, as some important emails can also get marked as spam/malware.

Is Office 365 ATP Sufficient?

The Office 365 anti-phishing is smart enough to block most phishing attempts but should not be considered a complete Microsoft 365 security package. Since blocking phishing attacks/malware is not Microsoft’s expertise, the ATP can fall short in many circumstances. If you feel comfortable with it, you should use other anti-phishing software along with Microsoft ATP.

Is Office 365 ATP Available For Everyone?

With its anti-spoofing protection, ATP helps protect companies against phishing emails and credential theft/data breaches. But can all users use the ATP functions?

The answer is no. Only Microsoft Office 365 users with an Enterprise E5 license are allowed to use ATP. It comes in the form of an add-in. Therefore, if you wish to use Microsoft’s security protection, ensure your company has the latest edition of Office 365 ProPlus on a Windows operating system.

Prerequisites To Check For Before Using ATP Policies

  • Read up on all points/options regarding ATP/Office 365 anti-phishing on the official website.
  • You must be a true member of the security/system administrators.
  • Select and pick the most suitable policies that apply to your company.
  • Free up around 15 to 30 minutes of your time for proper Office 365 installation and anti-phishing policy setup.

What Are The Steps To Setting Up Microsoft Office 365 Policies?

Let’s look at the steps you need to follow to implement the anti-phishing policies in Office 365 successfully:

  1. Open up a web browser on your Windows Desktop PC.
  2. Go to the O365 Security and Compliance center present in the administrator account.
  3. Select ‘Threat Management’ from the left side.
  4. A policy page will load up from where you need to enable the ‘Advanced Threat Protection’ anti-phishing option.
  5. Click the ‘+Create’ button to create a new policy for phishing protection.
  6. A window with anti-phishing settings will load up where you need to enter a short description and policy name.
  7. Select next to continue with policy creation.
  8. Go to the ‘Add a Condition’ menu to set the policy condition based on business requirements.
  9. Pick a domain name for the configuration. You can also pick custom domains through the ‘Exchange Online’ tenant.
  10. Use the ‘Add a Condition’ button to add more based on how many policies are needed.
  11. When done, click next to load up the ‘Review Your Settings’ page.
  12. Double-check all your data on this new window.
  13. Use the ‘Edit link’ option to make any changes.
  14. Select ‘Create this policy’ to put your newly created policy into effect.
  15. Your settings will apply to all associated user accounts.
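
The same policy can be scripted through Exchange Online PowerShell, which makes the settings reviewable and repeatable across tenants. The block below is an added example, not part of the original article or any vendor's own script; it covers the policy options and thresholds listed earlier as well as the portal steps above, and every name, domain and address in it is a constructed placeholder.

```powershell
# Added example: create an anti-phishing policy and its rule from the command line.
# Assumes the ExchangeOnlineManagement module is installed and the account is a
# global or security administrator. All identities below are placeholders.
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -UserPrincipalName admin@contoso.example

$policyName = 'Contoso Anti-Phish (example)'

$policy = @{
    Name                                = $policyName
    AdminDisplayName                    = 'Impersonation protection for finance and executives'
    # Users and domains to protect (users are "Display Name;address" pairs)
    EnableTargetedUserProtection        = $true
    TargetedUsersToProtect              = 'Jane Doe;jane.doe@contoso.example'
    EnableOrganizationDomainsProtection = $true
    EnableTargetedDomainsProtection     = $true
    TargetedDomainsToProtect            = 'partner.example'
    # Action taken when impersonation is detected
    TargetedUserProtectionAction        = 'Quarantine'
    TargetedDomainProtectionAction      = 'MoveToJmf'   # move to the junk folder
    # Trusted senders/domains that are exempt from impersonation checks
    ExcludedSenders                     = 'newsletter@vendor.example'
    ExcludedDomains                     = 'vendor.example'
    # Mailbox intelligence and anti-phishing safety tips
    EnableMailboxIntelligence           = $true
    EnableSimilarUsersSafetyTips        = $true
    EnableSimilarDomainsSafetyTips      = $true
    # 1 = Standard ... 4 = Most aggressive; higher levels raise false positives
    PhishThresholdLevel                 = 2
}
New-AntiPhishPolicy @policy

# The rule carries the condition: which recipients the policy applies to.
New-AntiPhishRule -Name "$policyName rule" -AntiPhishPolicy $policyName `
    -RecipientDomainIs 'contoso.example' -Priority 0

# Review step: read the settings back before relying on them.
Get-AntiPhishPolicy -Identity $policyName |
    Format-List Name, Enabled, PhishThresholdLevel, Targeted*Action, EnableMailboxIntelligence
Get-AntiPhishRule -Identity "$policyName rule" |
    Format-List Name, State, Priority, RecipientDomainIs
```

Keep the excluded sender and domain lists short and review them periodically, since anything listed there bypasses impersonation protection.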


Phishing attacks can cause a company/business to lose confidential/personal data and cause fake login by hackers. These can easily be used against the company in multiple layers, especially by competitors.

Therefore, using Microsoft Office 365 anti-phishing is your best bet. You should also opt for other malware/anti-phishing software to ward off attacks fully.

Derik Belair

As President and CEO, Derik leads the vision, strategy and growth of Augmentt. Prior to founding Augmentt, Derik was the Vice President at SolarWinds, leading the digital marketing strategy for SolarWinds’ Cloud division. Derik has been working in the channel for over 20 years, starting his career as a channel sales rep at Corel Corp. and eventually becoming the first employee at N-able Technologies in April of 2000.