Forum Discussion
Advanced Threat Protection (ATP) is ruining Outlook.com
About a week ago, I noticed that all URLs were suddenly extremely long/obscure, and beginning with something like: https://nam02.safelinks.protection.outlook.com/?url=
It destroys the URL visibility experience.
I quickly realized that this was an Office 365 (E5) feature called ATP, but I'm not talking about Office 365 here but rather the consumer Outlook.com site.
I need to find out if we're going to be able to disable this, and when.
It's unbelievable that MS just foisted it on us, since it's not even in the vast majority of Office 365 plans! I realize that some people have been seeing it longer than one week.
74 Replies
Hi, Here might be the solution provided by Microsoft = this worked for me !!!
Run PSR....instructions below.....
As soon as I followed this instruction the problem went away :)
Outlook Support
February 18, 2018, 02:18 +0000
Hi Peter,
Thank you for sharing additional information regarding the issue. For us to isolate the issue, I would like to request for a screenshot and grab a PSR (Problem Screen Recorder) to investigate the issue further:
Here are the steps you can follow in getting the PSR:
1. On your keyboard, press “Windows Key” and “R” simultaneously. (Windows key is located on the lower left of your keyboard, in between of the Ctrl and Alt)
2. A pop-up will appear on your screen
3. Type "PSR" without quotation marks and hit enter
4. Click Start and reproduce the issue that you are facing with the Outlook.com on the browser
5. When done, click on stop record and save the log file to your desktop
6. Kindly attach the log file to this email before sending so that we investigate it for you.
I will wait for your response together with the PSR. Thank you!
Regards,
Lichner D. – Outlook.com SupportSorry, but PSR has absolutely nothing to do with ATP .. Problem State Recorder - captures the screens and user action -- I would image that the Microsoft Technicians know that Abomination that is ATP looks like.
Thanks. I had no idea what PSR was or is. I did observe M$ chugging away on my modem at every move in OUTLOOK and now I know what it is called. A nice thing they did was to copy my new subdirectories I created on my Laptop access to mail (my preferred usage) to the on-line direct access. That behavior might have a different program name and I can't worry about that. M$ does what M$ wants!
The Messed up URLs for their security scheme is a pain. When I mail to family or a retiree friend I use Verizon or Yahoo at their direct site to avoid all that junk. At every reply the URL junk multiplies.
Everybody needs to push M$ for an opt-out button.
How does capturing a PSR and sending it to Outlook.com support fix the issue with the ATP "safelinks"? What problem of yours was solved?
I DO NOT WANT ATP ON MY SYSTEM - I CAN GET NO ACCESS TO PREVIOUSLY BONA FIDE Http, i.e. internet weblinks. CAN SOMEBODY PLEASE ADVISE AS TO HOW I CAN EITHER REMOVE, OR NEAUTRALISE, ATP
- Exactly, Microsoft's Safe Link technology is plain simple a bad approach to phishing. Whoever thought this was a good idea is an imbe#@%@ and should not be put as a decision maker regarding mail security. This should be opt-in and with a fast and easy way to enable/disable.
- how do I disable it
I'm still waiting for a method to disable this abject failure of Outlook/Office 365 "ATP". It obfuscates links in all emails - making it impossible for me to evaluate the trustworthiness of a link, while preventing me from navigating to legitimate and necessary web sites! I have a SIGNIFICANT amount of time invested in this product and a LOT of data under its management. My frustration level is rising to an unprecedented level over something very easy for Microsoft to fix!
Out of nowhere - Microsoft decided to completely change the operational model of interaction with links in emails and released it without providing users with a way to disable this "feature" if it causes them usability problems - like in my case - where it has completely hobbled my ability to navigate to needed web sites!!!
Microsoft...!!! Come on... wake up and listen to totally valid and reasonable requests to allow long-time paying customers of this product to undo this mess you foisted on us... please!
Respectfully,
Jeff TX
Wished I had not got up this morning.
Office 365 Home user.
Any link from an email in Outlook now gives me:
Can’t connect securely to this page
This might be because the site uses outdated or unsafe TLS security settings. If this keeps happening, try contacting the website’s owner.
Can directly connect to the relevant page without problem - using edge - how do I fix this 'new feature' of ATP?
Fixed it - I hope.
Changed the default browser to IE and problem went away.
Changed default back to Edge and did not return.
URL now changed, goes to safelinks etc and then switches to normal url.
Back to the rest of the day.
Besides obscuring the url, these extra long links get broken on my Android device, so when I click on the link I get a page error. It forces me to use my laptop instead of my mobile.
But wait! there is another solution.
I am switching back to making Gmail my primary email account.
Ah yes, sanity has been restored. Once again I can see the link, I can click on it, and it opens on my phone without waiting forever, and getting a broken page link.
Microsoft, give me the power to decide please. I want to choose what happens to my links.
Brian Fumo wrote:
About a week ago, I noticed that all URLs were suddenly extremely long/obscure, and beginning with something like: https://nam02.safelinks.protection.outlook.com/?url=
It destroys the URL visibility experience.
I quickly realized that this was an Office 365 (E5) feature called ATP, but I'm not talking about Office 365 here but rather the consumer Outlook.com site.
I need to find out if we're going to be able to disable this, and when.
It's unbelievable that MS just foisted it on us, since it's not even in the vast majority of Office 365 plans! I realize that some people have been seeing it longer than one week.
Past years, Microsoft was taunting Google to read the emails of their users with "Gmail Man".
But today, Microsoft modifies the emails of their users without asking.At least, it could have been like a post modification in the ui... but even with other mail client, the urls are ruined.
Just... why ?!
Don't forget this "faux" link gives Microsoft the ability to insert a "Man-In-The-Middle" attack. Or in the very least, the ability to scan/read every mail. The Gov has always had this ability at the POP in DCs, that's one thing. However, we were not given a choice to have information circumvented to a private company.
The "why" is easy. If you look at the advertisement for this feature to corporations, at https://products.office.com/en-us/exchange/online-email-threat-protection?irgwc=1&clickid=wvJ1wuSUzzaQ131UoIQUmQB9UkmUoLQxRWth2U0&WT.mc_id=AID601174_AFF_10078_3327__243952
you'll find:
"Get rich reporting and track links in messages
Gain critical insights into who is being targeted in your organization and the category of attacks you are facing. Reporting and message trace allow you to investigate messages that have been blocked due to unknown viruses or malware, while URL trace capability allows you to track individual malicious links in the messages that have been clicked."
I wonder, for all non-corporate entities on the Office365 platform, who gets access to the message link tracking and rich reporting data?
- Looks like it doesn't work - I've spent 30 minutes trying to see if an email link is safe due to the new safelink address making it unreadable. So I read this https://blogs.office.com/en-us/2017/10/30/premium-outlook-com-features-now-available-to-office-365-subscribers/?eu=true and assumed I would get a warning if the link was not legitimate. h**s://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fisasj9ber25gfspqybdnd23dl8tgo.whatsappsec.club&data=02%7C01%7Csimonbannister%40hotmail.co.uk%7Cec72a33f54c949f3d1a808d532556ed0%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636470264862145789&sdata=a%2BwuT4xNMaVWMDrbdmDvlxPXfNjDaeBYFEgtxaHoXts%3D&reserved=0
Turns out this is hosted by http://carpentiericorrado.com/ and not WhatsApp.
Another Microsoft disaster ! I have been asking them to switch this off for my account for 3 weeks now, with no action.
Absolutely agree that this has completely stuffed up my outlook. I run a hotmail.com account and a work Office 365 account and all this has done has driven me to gmail (maybe that was the idea).
Height of arrogance to turn this on with no ability to turn it off. e.g. I cant click on a facebook, linkedin link.
Please turn it off.
Tony
- In fact I get no warning message to make a decision. This is what I get back
This page can’t be displayed
•Make sure the web address https://nam02.safelinks.protection.outlook.com is correct.
•Look for the page with your search engine.
•Refresh the page in a few minutes.This ATP facility has blocked EVERY link in my hotmail accounts. The only way around it is to remove from the Browser adddress the Microsoft ATP prefix code.....up to the HTTP:// point where your web address starts. in other words, REMOVE ...https://nam02.safelinks.protection.outlook.com/
Are we supposed to assume that Microsoft will GUARANTEE that ALL the URL links that they replace with their " https://nam02.safelinks.protection.outlook.com/?url=" are SAFE for me to click on? If that is not the case, then Microsoft has made things worse. I want to see some official documentation from Microsoft that says Microsoft certifies and guarantees that the URL links that they replace are 100% safe (now and in the future). Again, Microsoft is a rude company for changing something so important without any kind of notification or opt-out capability.
You can opt-out of this per the info I posted earlier if it's really too much and then you won't get these types of links anymore.
Bear in mind this is a feature that's been around for years on the commercial side of Office 365, that's very much trusted. I know the links look a bit odd and it may seem strange but this is adding a level of protection that only comes with the top of the range Enterprise edition of Office 365 and will keep customers, now including consumers better protected from cyber-threats.
- Opt out (which I have done) does not re-enable emails already received prior to disabling this folly.
This is more like a hijack than it is an anti-phishing tool.
