Forum Discussion

rpodric's avatar
rpodric
Bronze Contributor
Oct 17, 2017

Advanced Threat Protection (ATP) is ruining Outlook.com

About a week ago, I noticed that all URLs were suddenly extremely long/obscure, and beginning with something like: https://nam02.safelinks.protection.outlook.com/?url=   It destroys the URL visibil...
email
outlook on the web
Boris Vacher's avatar
Boris Vacher
Copper Contributor
Nov 05, 2017

Past years, Microsoft was taunting Google to read the emails of their users with "Gmail Man".
But today, Microsoft modifies the emails of their users without asking.

 

At least, it could have been like a post modification in the ui... but even with other mail client, the urls are ruined.

 

Just... why ?!

  • null null's avatar
    null null
    Copper Contributor
    Apr 25, 2018

    Don't forget this "faux" link gives Microsoft the ability to insert a "Man-In-The-Middle" attack. Or in the very least, the ability to scan/read every mail. The Gov has always had this ability at the POP in DCs, that's one thing. However, we were not given a choice to have information circumvented to a private company.

  • J B's avatar
    J B
    Copper Contributor
    Nov 08, 2017

    The "why" is easy. If you look at the advertisement for this feature to corporations, at https://products.office.com/en-us/exchange/online-email-threat-protection?irgwc=1&clickid=wvJ1wuSUzzaQ131UoIQUmQB9UkmUoLQxRWth2U0&WT.mc_id=AID601174_AFF_10078_3327__243952

     

    you'll find:

    "Get rich reporting and track links in messages

    Gain critical insights into who is being targeted in your organization and the category of attacks you are facing. Reporting and message trace allow you to investigate messages that have been blocked due to unknown viruses or malware, while URL trace capability allows you to track individual malicious links in the messages that have been clicked."

     

    I wonder, for all non-corporate entities on the Office365 platform, who gets access to the message link tracking and rich reporting data?

    • Simon Bannister's avatar
      Simon Bannister
      Copper Contributor
      Nov 23, 2017
      Looks like it doesn't work - I've spent 30 minutes trying to see if an email link is safe due to the new safelink address making it unreadable. So I read this https://blogs.office.com/en-us/2017/10/30/premium-outlook-com-features-now-available-to-office-365-subscribers/?eu=true and assumed I would get a warning if the link was not legitimate. h**s://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fisasj9ber25gfspqybdnd23dl8tgo.whatsappsec.club&data=02%7C01%7Csimonbannister%40hotmail.co.uk%7Cec72a33f54c949f3d1a808d532556ed0%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636470264862145789&sdata=a%2BwuT4xNMaVWMDrbdmDvlxPXfNjDaeBYFEgtxaHoXts%3D&reserved=0

      Turns out this is hosted by http://carpentiericorrado.com/ and not WhatsApp.
  • Keith Hall's avatar
    Keith Hall
    Copper Contributor
    Nov 07, 2017

    Another Microsoft disaster ! I have been asking them to switch this off for my account for 3 weeks now, with no action.

Resources