Setting up Office 365 anti-phishing Policies

Introduction

Attacks through email are one of the most common methods used by hackers to gain entry into a network. Phishing is a technique used by hackers to obtain sensitive information such as a user's account credentials, financial information or marketing campaign details. In a phishing attack, the hacker contacts the user posing as a legitimate sender to trick the user into providing sensitive data such as personally identifiable information, banking or credit card details, and passwords. Phishing emails usually contain branding and URLs that, on the surface, appear legitimate. They also typically convey a sense of urgency to persuade the user to act quickly.

Office 365 anti-phishing policies are available as part of Office 365 Advanced Threat Protection (ATP) and let you configure protection against these threats.

Office 365 Advanced Threat Protection is available as part of the Office 365 E5 license or can be added as a standalone license.

ATP anti-phishing applies a set of machine learning models together with impersonation detection algorithms to incoming messages to provide protection against commodity and spear phishing attacks.

Phishing attempts often entice users to click a link to a malicious website that looks legitimate except for its URL. Upon entering the site, users may be directed to enter personal information that hackers can then use to their advantage. Another possibility is that the site is infected with malware, which infects the user's computer with a payload such as a virus, trojan horse or rootkit.

Setting up Office 365 anti-phishing Policies

Anti-phishing policies set up in Office 365 help protect against phishing attacks. To set up anti-phishing policies in Office 365, perform the following steps.

  • Go to the Office 365 Security & Compliance Center and log in with your administrative account.
  • In the Office 365 Security & Compliance Center, in the left navigation pane, navigate to Threat management and click on Policy.

  • On the Policy page, click on ATP anti-phishing.

  • To create a new policy on the Anti-phishing page, select + Create.

  • In the anti-phishing configuration wizard, specify the name and description for your policy.

  • Define the recipients or domains in your organization that this anti-phishing policy will apply to or exclude. In my case, I’ve applied the policy to my custom domain.

  • We have selected the domain name of “MsExpertTalk.com” for our configurations. You need to select your custom domains added in Office 365.

  • Click Next to review your configuration and then click on “Create this policy” to create the policy.

Once the policy is created, you need to edit it to review the impersonation, spoofing and advanced settings and refine your configuration. It’s recommended to revisit these policies in a timely manner to keep up to date with ongoing threats within the organization and stay protected.
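
The wizard steps above can also be scripted in Exchange Online PowerShell, where the policy (the settings) and the rule (who it applies to) are created separately. This is an added example, not part of the original walkthrough; the policy name and description are placeholders, the domain is the one used above, and the ExchangeOnlineManagement module is assumed to be installed.

```powershell
# Added example. Assumptions: $PolicyName and $Description are placeholder values;
# the ExchangeOnlineManagement module is installed on the admin workstation.
$PolicyName  = 'Custom Domain Anti-Phishing'              # placeholder
$Description = 'Anti-phishing policy for the custom domain' # placeholder
$Domain      = 'MsExpertTalk.com'                           # domain used in this article

Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline    # interactive sign-in with an administrative account

# Scope the rule only to a domain the tenant actually owns; a typo here would
# otherwise produce a policy that silently protects no one.
$accepted = Get-AcceptedDomain | Where-Object { "$($_.DomainName)" -eq $Domain }
if (-not $accepted) {
    throw "$Domain is not an accepted domain in this tenant."
}

# Policy: holds the settings. Created only if absent so the script can be re-run.
if (-not (Get-AntiPhishPolicy | Where-Object { $_.Name -eq $PolicyName })) {
    New-AntiPhishPolicy -Name $PolicyName -AdminDisplayName $Description | Out-Null
}

# Rule: binds the policy to recipients. Without a rule the policy applies to nobody.
if (-not (Get-AntiPhishRule | Where-Object { $_.Name -eq $PolicyName })) {
    New-AntiPhishRule -Name $PolicyName `
                      -AntiPhishPolicy $PolicyName `
                      -RecipientDomainIs $Domain | Out-Null
}

# Review what was created: the rule's scope and state, then every Enable* switch
# on the policy (impersonation, spoofing and related protections).
Get-AntiPhishRule -Identity $PolicyName |
    Format-List Name, State, Priority, AntiPhishPolicy, RecipientDomainIs
Get-AntiPhishPolicy -Identity $PolicyName |
    Format-List Name, Enable*

Disconnect-ExchangeOnline -Confirm:$false
```

The final `Format-List` output shows which protections are still switched off after creation, which is the starting point for the post-creation review described above.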