Improved Email Security and the introduction of Microsoft Advanced Threat Protection

In response to the increase in SPAM and Phishing emails being sent to UEA Students and Staff, ITCS in collaboration with Microsoft will be rolling out an additional level of security on staff and student email accounts from 10th September called "Advanced Threat Protection" (or ATP for short). 

 

The main benefits of ATP are:

  • The automatic scanning of email attachments before delivery to your mailbox for any suspicious items (and moving to Quarantine if necessary)

  • Real time scanning and replacing of any web links in incoming emails to check for any known Phishing or Malware websites

 

Will I notice any changes?

Yes – all email links will look different after the rollout, and will start with the address https://emea01.safelinks.protection.outlook.com,  which will be followed with a long and unique link to the original content. See example below…

 

 

 

 

For a full list of the messages please see the following website:

https://support.office.com/en-gb/article/office-365-atp-safe-links-warning-pages-fc4e6ebb-5acc-4bc5-bad8-4f3407d1d3f4?ui=en-US&rs=en-GB&ad=GB

 

ATP will work in conjunction with our existing email quarantine system (Exchange Online Protection), and is a further enhancement to that service rather than being a replacement.

 

Our general advice regarding email security (below) is still relevant, but it is expected that the new service will help reduce the number of cases where malicious links are clicked on.

 

  • Do NOT open emails and attachments (especially JPEGs, ZIP, PDF, XLS DOCX or DOC) from unknown senders. It is extremely likely that these contain malware designed to steal your account details or personal data such as bank details

  • Do NOT click on links in email from unknown senders, and definitely do NOT enter your password

  • Be wary of emails that appear to be from people you know but contain content that looks suspicious or out of context. Often malicious emails will 'spoof' a persons email address to make it appear that an email is from the designated sender when in fact it is from a completely different email address

  • If you suspect an email may not be genuine, consider double-checking by contacting the sender using a non-email communication method (e.g. phone)

For further information see: