EKU IT is pleased to announce that we will be enabling Office 365 Advanced Threat Protection (ATP) on our Microsoft systems soon. In addition to other protections already in place, ATP helps protect the EKU community from malicious attacks by providing better spam and malware protection for email, SharePoint Online, OneDrive, and Microsoft Teams.
Even with this additional security, remember that you must take personal responsibility for your actions and be vigilant against attacks at all times. Whether you know it or not, you are always a target for scammers and hackers. This includes your email and EKU Direct accounts as well as your PC, mobile devices, and other sources of personal information. Protect these just as you guard your purse, wallet, or any other valuables!
One of the settings we are turning is the “Quarantine” feature that will catch some messages before they can arrive in a person’s junk email folder. As messages are caught and held, MS will send that user an email indicating there are messages in quarantine to review/delete/release. The benefit to the end user is that email messages containing malware might not even land on the user's device.
Every week you will receive an email from firstname.lastname@example.org like the image below. For each message you will se a Sender, Subject, Date, and three option boxes. Some emails may have 1-2 messages and some will have more. You should look through each of these in the event a legitimate email was flagged by Microsoft.
The three options for each message are:
You can follow this link to see all messages in the quarantine folder: https://protection.office.com/?hash=/quarantine (Login with EKU credentials)
MANAGE YOUR QUARANTINED MESSAGES
When you receive these, you can do the following actions on the alerts:
1. Do nothing. If you choose to do nothing (you KNOW it is a spam or phishing email), the message will be deleted by Office 365 automatically upon expiration (30 days). Remember, when Office 365 deletes a message from quarantine, you can't get it back.
2. Preview. This allows you to look at the message with no harm to your PC. (This does not include clicking links or opening attachments, however.
3. Release message. Release a quarantined message (or set of messages) so that the message is sent to your mailbox. When you release a message, you have the option to report the message to Microsoft for analysis.
When you choose to report a message, also called reporting a message as a false positive, the message is reported to the Microsoft Spam Analysis Team. The team evaluates and analyzes false positive messages, and, depending on the results of the analysis, the service-wide spam content filter rules may be adjusted to allow these messages through.
4. Download message Lets you download the message as a .eml file. Once you download a message, you can review the .eml file using your email client before releasing the message.
5. Remove from quarantine. EKU IT has disabled this since it is permanent plus they will be permanently deleted after 30 days of receipt.
VIEW DETAIL FOR A SPECIFIC MESSAGE
After you select a message, you'll see a summary of the message properties in a pane on the right side of the page.
You can get even more details about the message by choosing one of the following options: