10-17-2017 01:49 PM
10-17-2017 01:49 PM
About a week ago, I noticed that all URLs were suddenly extremely long/obscure, and beginning with something like: https://nam02.safelinks.protection.outlook.com/?url=
It destroys the URL visibility experience.
I quickly realized that this was an Office 365 (E5) feature called ATP, but I'm not talking about Office 365 here but rather the consumer Outlook.com site.
I need to find out if we're going to be able to disable this, and when.
It's unbelievable that MS just foisted it on us, since it's not even in the vast majority of Office 365 plans! I realize that some people have been seeing it longer than one week.
10-24-2017 01:46 PM
It is terrible! I understand and appreciate the attempt to reduce the risk of phishing and malicious attacks, but they screwed up my primary method of avoiding them! Now, with the extra-long "safelinks.protection.outlook.com" link replacement, I don't feel safe clicking on any link! This is a major step backwards and a huge hindrance to my ability to determine if a message is legitimate (or a phishing attack) and if a link is safe or not. This "improvement" makes the product worse. Plus, it will probably cause more problems in the long run if it gives people a false sense of security that they will be protected if they click on a malicious link when (not "if") someone figures out how to imitate and hack the system so their malicious links look like the safe one. Unfortunately, this complaint will more than likely fall on deaf ears -- talking to Microsoft often is as effective as talking to a brick wall.
10-24-2017 02:09 PM
Unfortunately this seems to be a pretty standard implementation for the sandboxing feature. It's used similarly by Proofpoint and Mimecast in similar fashions. HOWEVER, it seems as though all companies have a visibility item on their roadmap to make the experience better.
10-30-2017 09:30 AM
This is now confirmed in today's announcement- Premium Outlook.com features now available to Office 365 subscribers:
For Office 365 Home and Office 365 Personal subscribers, we now offer additional security against the most sophisticated types of threats in two ways:
10-30-2017 09:35 AM
To add here is the page with more details - Advanced Outlook.com security for premium subscribers. The included FAQ says this about disabling these features and it also confirms the behaviour you are seeing:
Can I deactivate these security features?
To provide the best protection for your account, these features are on by default and not designed to be turned off. You can contact our customer service team via in-product support to have them deactivate the features on your behalf, but we do not recommend it.
Why do links in my messages look different?
After you activate the advanced security features, links in your email might look different. For example, in some messages links might appear longer than usual, and include text such as "na01.safelinks.protection.outlook.com." This is related to the checks we perform to protect you from phishing attacks.
10-30-2017 10:54 AM
Are we supposed to assume that Microsoft will GUARANTEE that ALL the URL links that they replace with their " https://nam02.safelinks.protection.outlook.com/?url=" are SAFE for me to click on? If that is not the case, then Microsoft has made things worse. I want to see some official documentation from Microsoft that says Microsoft certifies and guarantees that the URL links that they replace are 100% safe (now and in the future). Again, Microsoft is a rude company for changing something so important without any kind of notification or opt-out capability.
10-30-2017 11:46 AM
You can opt-out of this per the info I posted earlier if it's really too much and then you won't get these types of links anymore.
Bear in mind this is a feature that's been around for years on the commercial side of Office 365, that's very much trusted. I know the links look a bit odd and it may seem strange but this is adding a level of protection that only comes with the top of the range Enterprise edition of Office 365 and will keep customers, now including consumers better protected from cyber-threats.
10-30-2017 03:08 PM
'a rude company', ok!
again, no surprise that this has been rolled out to everyone. All the other major enterprise competitors have the feature enabled by default. The question still remains to Microsoft though on an advanced tooltip that shows the 'original' link.
11-01-2017 12:54 PM
Absolutely agree that this has completely stuffed up my outlook. I run a hotmail.com account and a work Office 365 account and all this has done has driven me to gmail (maybe that was the idea).
Height of arrogance to turn this on with no ability to turn it off. e.g. I cant click on a facebook, linkedin link.
Please turn it off.
11-01-2017 01:00 PM
11-04-2017 07:02 PM
Past years, Microsoft was taunting Google to read the emails of their users with "Gmail Man".
But today, Microsoft modifies the emails of their users without asking.
At least, it could have been like a post modification in the ui... but even with other mail client, the urls are ruined.
Just... why ?!
11-07-2017 01:13 AM
Another Microsoft disaster ! I have been asking them to switch this off for my account for 3 weeks now, with no action.
11-08-2017 07:15 AM
The "why" is easy. If you look at the advertisement for this feature to corporations, at https://products.office.com/en-us/exchange/online-email-threat-protection?irgwc=1&clickid=wvJ1wuSUzz...
"Get rich reporting and track links in messages
Gain critical insights into who is being targeted in your organization and the category of attacks you are facing. Reporting and message trace allow you to investigate messages that have been blocked due to unknown viruses or malware, while URL trace capability allows you to track individual malicious links in the messages that have been clicked."
I wonder, for all non-corporate entities on the Office365 platform, who gets access to the message link tracking and rich reporting data?
11-23-2017 02:22 AM