10-17-2017 01:49 PM
About a week ago, I noticed that all URLs were suddenly extremely long/obscure, and beginning with something like: https://nam02.safelinks.protection.outlook.com/?url=
It destroys the URL visibility experience.
I quickly realized that this was an Office 365 (E5) feature called ATP, but I'm not talking about Office 365 here but rather the consumer Outlook.com site.
I need to find out if we're going to be able to disable this, and when.
It's unbelievable that MS just foisted it on us, since it's not even in the vast majority of Office 365 plans! I realize that some people have been seeing it longer than one week.
10-24-2017 01:46 PM
It is terrible! I understand and appreciate the attempt to reduce the risk of phishing and malicious attacks, but they screwed up my primary method of avoiding them! Now, with the extra-long "safelinks.protection.outlook.com" link replacement, I don't feel safe clicking on any link! This is a major step backwards and a huge hindrance to my ability to determine if a message is legitimate (or a phishing attack) and if a link is safe or not. This "improvement" makes the product worse. Plus, it will probably cause more problems in the long run if it gives people a false sense of security that they will be protected if they click on a malicious link when (not "if") someone figures out how to imitate and hack the system so their malicious links look like the safe one. Unfortunately, this complaint will more than likely fall on deaf ears -- talking to Microsoft often is as effective as talking to a brick wall.
10-30-2017 09:30 AM
This is now confirmed in today's announcement- Premium Outlook.com features now available to Office 365 subscribers:
For Office 365 Home and Office 365 Personal subscribers, we now offer additional security against the most sophisticated types of threats in two ways:
10-30-2017 09:35 AM
To add here is the page with more details - Advanced Outlook.com security for premium subscribers. The included FAQ says this about disabling these features and it also confirms the behaviour you are seeing:
Can I deactivate these security features?
To provide the best protection for your account, these features are on by default and not designed to be turned off. You can contact our customer service team via in-product support to have them deactivate the features on your behalf, but we do not recommend it.
Why do links in my messages look different?
After you activate the advanced security features, links in your email might look different. For example, in some messages links might appear longer than usual, and include text such as "na01.safelinks.protection.outlook.com." This is related to the checks we perform to protect you from phishing attacks.
10-30-2017 10:54 AM
Are we supposed to assume that Microsoft will GUARANTEE that ALL the URL links that they replace with their " https://nam02.safelinks.protection.outlook.com/?url=" are SAFE for me to click on? If that is not the case, then Microsoft has made things worse. I want to see some official documentation from Microsoft that says Microsoft certifies and guarantees that the URL links that they replace are 100% safe (now and in the future). Again, Microsoft is a rude company for changing something so important without any kind of notification or opt-out capability.
10-30-2017 11:46 AM
You can opt-out of this per the info I posted earlier if it's really too much and then you won't get these types of links anymore.
Bear in mind this is a feature that's been around for years on the commercial side of Office 365, that's very much trusted. I know the links look a bit odd and it may seem strange but this is adding a level of protection that only comes with the top of the range Enterprise edition of Office 365 and will keep customers, now including consumers better protected from cyber-threats.
11-01-2017 12:54 PM
Absolutely agree that this has completely stuffed up my outlook. I run a hotmail.com account and a work Office 365 account and all this has done has driven me to gmail (maybe that was the idea).
Height of arrogance to turn this on with no ability to turn it off. e.g. I cant click on a facebook, linkedin link.
Please turn it off.
Tony
11-01-2017 01:00 PM
11-04-2017 07:02 PM
Past years, Microsoft was taunting Google to read the emails of their users with "Gmail Man".
But today, Microsoft modifies the emails of their users without asking.
At least, it could have been like a post modification in the ui... but even with other mail client, the urls are ruined.
Just... why ?!
11-07-2017 01:13 AM
Another Microsoft disaster ! I have been asking them to switch this off for my account for 3 weeks now, with no action.
11-08-2017 07:15 AM
The "why" is easy. If you look at the advertisement for this feature to corporations, at https://products.office.com/en-us/exchange/online-email-threat-protection?irgwc=1&clickid=wvJ1wuSUzz...
you'll find:
"Get rich reporting and track links in messages
Gain critical insights into who is being targeted in your organization and the category of attacks you are facing. Reporting and message trace allow you to investigate messages that have been blocked due to unknown viruses or malware, while URL trace capability allows you to track individual malicious links in the messages that have been clicked."
I wonder, for all non-corporate entities on the Office365 platform, who gets access to the message link tracking and rich reporting data?
11-23-2017 02:22 AM
01-30-2018 11:54 PM
Besides obscuring the url, these extra long links get broken on my Android device, so when I click on the link I get a page error. It forces me to use my laptop instead of my mobile.
But wait! there is another solution.
I am switching back to making Gmail my primary email account.
Ah yes, sanity has been restored. Once again I can see the link, I can click on it, and it opens on my phone without waiting forever, and getting a broken page link.
Microsoft, give me the power to decide please. I want to choose what happens to my links.
@Brian Fumo wrote:
About a week ago, I noticed that all URLs were suddenly extremely long/obscure, and beginning with something like: https://nam02.safelinks.protection.outlook.com/?url=
It destroys the URL visibility experience.
I quickly realized that this was an Office 365 (E5) feature called ATP, but I'm not talking about Office 365 here but rather the consumer Outlook.com site.
I need to find out if we're going to be able to disable this, and when.
It's unbelievable that MS just foisted it on us, since it's not even in the vast majority of Office 365 plans! I realize that some people have been seeing it longer than one week.
02-02-2018 02:05 AM
@Cian Allner wrote:
This is now confirmed in today's announcement- Premium Outlook.com features now available to Office 365 subscribers:
For Office 365 Home and Office 365 Personal subscribers, we now offer additional security against the most sophisticated types of threats in two ways:
- Scanning attachments—Sophisticated techniques detect new types of malware previously not seen, giving you protection against today’s most advanced threats.
- Checking links—When you click a link in an email, it is checked in real-time to determine if the destination website is likely to download viruses or malware onto your computer. If the site is found to be malicious, a warning screen alerts you not to access the site.
@Cian Allner wrote:
This is now confirmed in today's announcement- Premium Outlook.com features now available to Office 365 subscribers:
For Office 365 Home and Office 365 Personal subscribers, we now offer additional security against the most sophisticated types of threats in two ways:
- Scanning attachments—Sophisticated techniques detect new types of malware previously not seen, giving you protection against today’s most advanced threats.
- Checking links—When you click a link in an email, it is checked in real-time to determine if the destination website is likely to download viruses or malware onto your computer. If the site is found to be malicious, a warning screen alerts you not to access the site.
i want to disable the new sec urity features.i cannot access some job invoices which i have to complete
02-02-2018 03:35 AM
Wished I had not got up this morning.
Office 365 Home user.
Any link from an email in Outlook now gives me:
This might be because the site uses outdated or unsafe TLS security settings. If this keeps happening, try contacting the website’s owner.
Can directly connect to the relevant page without problem - using edge - how do I fix this 'new feature' of ATP?
02-02-2018 03:58 AM
Fixed it - I hope.
Changed the default browser to IE and problem went away.
Changed default back to Edge and did not return.
URL now changed, goes to safelinks etc and then switches to normal url.
Back to the rest of the day.
02-09-2018 05:13 PM
I'm still waiting for a method to disable this abject failure of Outlook/Office 365 "ATP". It obfuscates links in all emails - making it impossible for me to evaluate the trustworthiness of a link, while preventing me from navigating to legitimate and necessary web sites! I have a SIGNIFICANT amount of time invested in this product and a LOT of data under its management. My frustration level is rising to an unprecedented level over something very easy for Microsoft to fix!
Out of nowhere - Microsoft decided to completely change the operational model of interaction with links in emails and released it without providing users with a way to disable this "feature" if it causes them usability problems - like in my case - where it has completely hobbled my ability to navigate to needed web sites!!!
Microsoft...!!! Come on... wake up and listen to totally valid and reasonable requests to allow long-time paying customers of this product to undo this mess you foisted on us... please!
Respectfully,
Jeff TX
02-10-2018 05:45 PM
02-14-2018 05:11 AM
"You can contact our customer service team via in-product support to have them deactivate the features on your behalf, but we do not recommend it."
How do I do that?
02-15-2018 03:34 PM
02-16-2018 10:28 AM - edited 02-16-2018 10:31 AM
This ATP facility has blocked EVERY link in my hotmail accounts. The only way around it is to remove from the Browser adddress the Microsoft ATP prefix code.....up to the HTTP:// point where your web address starts. in other words, REMOVE ...https://nam02.safelinks.protection.outlook.com/
03-14-2018 09:38 AM
I DO NOT WANT ATP ON MY SYSTEM - I CAN GET NO ACCESS TO PREVIOUSLY BONA FIDE Http, i.e. internet weblinks. CAN SOMEBODY PLEASE ADVISE AS TO HOW I CAN EITHER REMOVE, OR NEAUTRALISE, ATP
03-14-2018 12:30 PM
Hi, Here might be the solution provided by Microsoft = this worked for me !!!
Run PSR....instructions below.....
As soon as I followed this instruction the problem went away :)
Outlook Support |
February 18, 2018, 02:18 +0000 |
Hi Peter,
|
03-14-2018 12:33 PM
03-14-2018 12:50 PM
How does capturing a PSR and sending it to Outlook.com support fix the issue with the ATP "safelinks"? What problem of yours was solved?
03-24-2018 01:02 PM
Please tell me how to contact them as I have tried every possible way I know and it always renders a chat option to which I click and the chat box just spins then gives same CV:xxx error code each time. This new way of changing my links has become horrid for my end users and clients as a simple www.mikesprotech. com link even in my email signature looks horrid not to mention as an IT Admin this is teaching users bad habits of simply trusting long links which resemble the ones Microsoft creates. Most people are not going to analyze the link closely enough nor may not know how or what all to look for.
If anything, Microsoft can examine the link and simply put a trust mark or something beside the ORIGINAL link rather than have an email with several links all garbled up looking not to mention how this service is going to affect links in emails which are stored in backups then accessed months/years later.
PLEASE PLEASE PLEASE give me a link or information on how to contact Microsoft to have this disabled.
Thanks for your sharing of information on the chat board.
It is the most useful Ive found online so far.
03-25-2018 07:44 AM
Are you on Office 365? This is on the roadmap, and most likely coming to consumer Outlook also.
03-25-2018 09:50 AM - edited 03-25-2018 09:55 AM
I’ve had my hotmail account for years and yes I have Office 365 Personal edition, I use Outlook 2016 when at PC but mainly apple mail on iPad and iPhone when on the go which is most of the time. I will try sending links from outlook and see if it does not change them, should it not change the links I suppose I’ll have to use outlook email client on my mobile devices yet I should not have to nor should this service be forced on me or any user which as I said earlier teaches users bad habits of trusting these long links which hackers will easily catch on and change one piece of the code then re direct users incorrectly. This is the worst move I’ve seen MS do in quite some time now.
I did not notice these links changing till a month or two ago when a client I work with brought to my attention as I had sent him an email with several links to different products he had asked me to compare (I’m IT Admin for local law firm and own my own small IT ontract company).
After finding this article this weekend, I’ve tried to find a way to contact Microsoft and only get the chat option (no option to email them to request them to remove this).
Perhaps its due to the weekend and no one is answering their chat service which just opens the chat box, spins and then gives an error code “CV:xxx”.
If anyone has a way I can contact MS as the lady in this post suggest, please let me know.
Otherwise i’ll Attempt to contact them during the week next week once again.
03-27-2018 09:16 AM - edited 03-27-2018 09:21 AM
I'm reading that alot of people are upset about this change and well, yes it is a little harder to easily read the URL, but this is a really good thing people. Microsoft is really attempting to protect its customers, for free, in the same way that other major (Gartner Magic Quadrant) vendors/providers are for a very high cost.
If you'd like a quick and simple URL decoder, I've posted one here that I distributed to my work and posted to the Intranet for staff/employees to use.
Decode Safelinks: Link
Request: One thing I would like if some MS MVP or ATP guru could tell me, what does each of the tokens (Data and Pipes '|' like "02|01|myemail@address.com|cfad9384a1804ef230af08d593f8b95b|0662477dfa0c4556a8f5c3bc62aa0d9c|0|0|636577618830257637") in the parameter string mean. Is this information useful to IT that would enable us to discern more about the URL provided?
03-27-2018 10:24 AM
04-02-2018 08:25 AM
I want to turn this function off on all computer logons
@Peter Gorton UK wrote:
See the solution described below by Peter Gorton, provided by Microsoft. Nutshell.....run PSR instructions given below.
There is no link below.
04-02-2018 11:36 PM
Possible solution.....
1. On your keyboard, press “Windows Key” and “R” simultaneously. (Windows key is located on the lower left of your keyboard, in between of the Ctrl and Alt)
2. A pop-up will appear on your screen
3. Type "PSR" without quotation marks and hit enter
This was all I needed to do for the problem to go away.
However, if the problem remains,
4. Click Start and reproduce the issue that you are facing with the Outlook.com on the browser
5. When done, click on stop record and save the log file to your desktop
6. Kindly attach the log file to an email and send it to Outlook Support so they can investigate it for you.
04-03-2018 06:32 AM
Peter, you keep posting this information about using the PSR program to capture a log file and it has nothing to do with the issue we are all having. Microsoft has replaced the links to external internet sites and documents with their "safe links" in all our received Outlook email messages and, because the new links are obscure, it makes it nearly impossible for us to see the original link so that we can make our own judgment as to whether the link is "safe" or not. There is NOTHING to be gained by capturing some kind of log (and who do you suggest we send it to?). Collecting a log WILL NOT fix the problem (as you imply with "This was all I needed to do for the problem to go away"). If you do not understand the problem and you don't understand that your "suggestion" is worthless, then please quit posting it.
04-03-2018 07:23 AM
Just Post the fix to this VERY BIG problem then. People here are desperately helping, trying things based upon the answers they perceive from phone support in order to share with the broader community.
If no resolution is posted it is taken as an answer that has no value.
Phoning in to support each single time is two hours, and a person scrambling to talk with others, hold time and a hang up. No call back. Not even a credit card from me to establish a Support Case number, resolution, remote assistance or follow up.
You can see how frustrated we all are with Microsoft Support here and by phone.
Michael Leary
Sr. Systems Analyst
Microsoft Registered Partner since 1995
04-03-2018 07:25 AM
Thanks Peter for your contribution.
04-03-2018 07:27 AM
Since I have two premium paid msn accounts, several live and hotmail accounts, three gmail and one Yahoo all sub'd to the .edu Office365 account (outlook 2016) setup to get all email and then backed up weekly I am a power user for sure. My email is long in years and heavy in content and why as an IT admin since Dos 2.0 and a registered MS partner since 95 I have some stuff I just cannot lose continuity with.
This will take some time I assume. I am going to open a case and pay if necessary to see if I can get all of it changed. I turned off some stuff in Defender as well that may have been related to Cloud. There are other community posts 'Disable Defender Advanced Threat Protection' and another 'ATP safe links policies somehow applied to Hotmail now?'
This is largely hard for Outlook support to handle it seems and some very very angry customers. Some support people in Outlook support have no clue. I think that is why my 2 hour support calls get hung up.
It seems a permission on the cloud side that users cannot set to off. See the links for a Powershell Remove-SafeLinksPolicy...
Note. I also just received an email about the "Outlook Team [right] has enabled premium features for Office365 subscribers, including no ads and advanced email security."
I think I just got bit by the oh cr@p fairy. My Webroot has always surpased my wildest security concerns along with Spybot S&D and weekly Defender.
Grey and Whitelisting takes up slack. I really can see why Edge, Chrome and IE are now so slow and choking my CPU's to make my laptops freeze. I hard shut down daily and save work every time I make change. It is insane.
Seems we are hostages.
More today. ...
04-25-2018 06:54 AM
Don't forget this "faux" link gives Microsoft the ability to insert a "Man-In-The-Middle" attack. Or in the very least, the ability to scan/read every mail. The Gov has always had this ability at the POP in DCs, that's one thing. However, we were not given a choice to have information circumvented to a private company.
05-15-2018 12:44 PM - edited 05-15-2018 12:50 PM
They re activate this feature on my account.... AAAAAAAAAAaaaaaaaaaaa T-T
Maybe this time they will not spent 28 days to deactivate it
05-18-2018 02:58 PM
You are offering a decoder for links we shouldn't need to decode?
Here's my problem: The URL with "safelinks" in it doesn't tell me anything about the link. Is it a link to an adult site called cuddly kittens or a site featuring pictures of cats? I'll have no clue until I click because the URL has been replaced.
Other vendors that scan emails insert a message informing the reader it was scanned. If a malware is found the email is deleted and the message is replaced with one that states that. No obfuscation of links. Either you get it intact or you don't.
05-20-2018 10:30 AM
06-13-2018 04:08 PM
The number of ways MS is crapping on its users are too many to keep track of.
One of the worst was when I joined the Insider Program for Windows 10. I ended up with no OS at all on my computer because it erased my Win8.1 license and as a reward for participating I got an invalid Win10 Pro license. They didn't even hold their end of the deal. And MS themselves said I have myself to blame for using their software. Their words, not mine.
Or what about when they disabled the support for hotmail in Windows Live Mail? Why stop users from using the "in house" mail service?
06-13-2018 04:12 PM
06-19-2018 10:04 PM
Call me paranoid, but MS reads every URL that is sent to me in an e-mail, and through Safe Links now knows every URL on which I actually click? Sounds like a great data mining opportunity to me. They may pass the URL through a screen to check it, but I just don't believe they don't also track the URLs I follow. I can't (easily) copy the URL and paste it into my browser to prevent that because now it passes first through an MS server before directing me to the real URL. Sad.
06-19-2018 10:44 PM
08-20-2018 08:29 AM
Talking to Microsoft is like talking to a brick wall? This is an insult to brick walls everywhere! How dare you!
09-01-2018 06:27 AM
09-06-2018 08:38 AM
09-06-2018 11:44 AM
10-08-2018 05:39 PM
Microsoft has ruined my experience in OUTLOOk. What possessed M$ to come up with such a cluttered behavior? As a retired engineer I am more and more frustrated by M$ changes thrust on us without notice before hand.