Office 365 update to improve phishing and spam filtering

Office 365 update to improve phishing and spam filtering

Microsoft are updating their phishing and spam filtering protection layers to better protect Office 365 email users. This comes after a lengthy period of email interception through rule comprise, the lack of 2FA being rolled out to end-users meaning Office 365 email platforms have been breached, and also where businesses have still have not added on external email cyber security layers (such as MX filtering) to protect their company email from phishing, spam and ransomware.

So what’s happening and when?

Microsoft are updating something called the “Zero-hour auto purge (ZAP)” to move post-delivery identified phishing and spam messages to Quarantine (this is a separate manageable view within the Office 365 Admin Portal) to better align the ZAP action to the mail flow action defined in the company anti-spam policy.

Microsoft will be gradually rolling this out to Office 365 end users starting in early October with the roll out complete worldwide by the end of November.

How does this affect users?

After this update, ZAP will move post-delivery detected phishing or spam mails to Quarantine if the respective phishing/spam action rules in the Spam policy is set to Redirect, Delete, or Quarantine.

If the policy action is set to Move to Junk, then ZAP will continue to move the message to Outlook Junk folders. If the policy action is Add X-header, Modify Subject, or No Action, then ZAP will do nothing.

How can we manage the quarantined messages?

If you are an Office 365 admin, you can manage messages that were sent to quarantine by using the Security & Compliance Center in the Office 365 Admin Portal. Simply login to Office 365 Admin and visit the Security and Compliance Center. On the left, expand Threat Management, choose Review, and then choose Quarantine.

Within this view you can view all messages that were sent to quarantine and then action them, for example release if it’s a false positive.

For more information on managing messages sent to quarantine visit https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/find-and-release-quarantined-messages-as-a-user


The following two tabs change content below.
David has held positions as Operations Director and Head of IT in legal and professional firms for more than 10 years. He is a Director and co-owner of Amazing Support, an Award Winning, Microsoft Silver & Cyber Essentials accredited specialist Managed IT Support and Cyber Security company. David actively helps SME businesses receive better Managed IT Support and Cyber Security Services in the London and Hertfordshire areas. He also assists overseas companies who are looking to expand their business operations into the UK and helps with their inward investment IT process. A member of The Chartered Institute for IT (BCS), UK Council for Child Internet Safety (UKCCIS) and an event speaker promoting business start-ups and technology awareness. David is also an Accredited Mediator. Married with a son, David enjoys driving his hybrid around Hertfordshire, participating in charity bike rides and is a keen Krav Maga practioner.