Office 365 Email Protection

Office 365 offers Bowdoin two sets of tools that work in conjunction to protect your mailbox and the entire Bowdoin community from the constantly evolving phishing attacks and malware targeting campus. 

Exchange Online Protection (EOP)

EOP the primary line of defense to address malware, spam, phishing, and bulk email. All non-Bowdoin emails are filtered and scanned by the EOP filters before entering our local Exchange system.

  • Bulk Email: Sent to the Junk-email folder.
  • Malicious URL/Spam/Phishing Sent to junk.
  • Known Malware in Attachment: Message and attachment is deleted  or the attachment is removed and message delivered. (See: What will I notice when a malicious attachment is removed from an email?)
  • Suspicious URL/Attachment: Sent to Office 365’s Advanced Threat Protection.

 

Messages identified as Spam or Bulk are delivered to your ‘Junk Email’ or ‘Junk’ folder.   For more information see: Spam and Phishing

 

Advanced Threat Protection (ATP)

ATP is a second level of protection designed to catch and block the newest and most sophisticated malware and phishing campaigns. It complements EOP to protect against unsafe attachments and malicious links.

 

 

 

What do I need to do?

With Office 365 Advanced Threat Protection you do not need to do anything different.

What will I notice when ‘Safe Links’ scans an email?

Safe Links’ analyzes the URLs in emails for reputation and malicious behavior. If you hover over a URL in an email from a non-Bowdoin email address, you will notice that the URL has been rewritten and starts with https://na01.safelinks.protection.office.com. This address shows that the URL was scanned. You can still see the original URL in the Safe Links URL. The rewritten URL will take you to the intended website.

In Outlook:                              

 

 

 

 

 

 

 

 

 

 

 

 

In Office.com:

When you click on a Safe Links URL, it will usually take you to the intended webpage. Occasionally the URL is still being scanned, and you will see a yellow message. Once the scan finishes, clicking on the URL will take you to the intended webpage. If the Safe Link scan determines the URL is malicious, you will see a red message.

 

 

What will I notice when a malicious attachment is removed from an email?

If EOP discovers a malicious email attachment the attachment is removed and replaced with an attachment named “Malware Alert Text.txt”. The body of the email message is not touched. “Malware Alert Text.txt” is safe to open and contains details about the malware contained in the attachment. It is not necessary to report if you receive an email with a “Malware Alert Text.txt” attachment as the email is safe and the malicious attachment was logged and destroyed.

Example of an email with a replaced attachment and the contents of “Malware Alert Text.txt”:


Please contact the IT Service Desk at 207-725-3030 or Information Security if you have any questions or concerns about Office 365 Advanced Threat Protection, phishing, malware or if you feel a legitimate URL or attachment was blocked.

Print Article

Related Articles (4)

Information on how to release an email message from the Microsoft 365 spam filter.
Information about understanding your mail and what to do with spam, phishing, and bulk emails.