SOLVED

Report links to ATP

%3CLINGO-SUB%20id%3D%22lingo-sub-295584%22%20slang%3D%22en-US%22%3EReport%20links%20to%20ATP%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-295584%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20everyone.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThis%20morning%20I%20received%20a%20link%20from%20a%20customer%20arguing%20that%20ATP%20did%20not%20prevent%20him%20from%20open%20a%20Phishing%20Site.%20By%20this%20hour%20ATP%20takes%20you%20directly%20to%20the%20phishing%20site%20without%20a%20warning%20if%20you%20are%20on%20Edge.%20Google%20Chrome%20stops%20you%20with%20a%20big%20and%20ugly%20red%20background%20warning.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fna01.safelinks.protection.outlook.com%2F%3Furl%3Dhttps%253A%252F%252Fcration.co.crationfd.xyz%252F%26amp%3Bdata%3D02%257C01%257Cmpoveda%2540osomco.com%257C19de26fd9af94e1b83fc08d65aec5764%257C11e3446147a646c4a3ca720f77590ccc%257C0%257C0%257C636796368469803590%26amp%3Bsdata%3DDVw%252BJK8%252FQVAL7P9yxhaf6Qa%252Fhk8BXmOVrtzzlAdeb4I%253D%26amp%3Breserved%3D0%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fna01.safelinks.protection.outlook.com%2F%3Furl%3Dhttps%253A%252F%252Fcration.co.crationfd.xyz%252F%26amp%3Bdata%3D02%257C01%257Cmpoveda%2540osomco.com%257C19de26fd9af94e1b83fc08d65aec5764%257C11e3446147a646c4a3ca720f77590ccc%257C0%257C0%257C636796368469803590%26amp%3Bsdata%3DDVw%252BJK8%252FQVAL7P9yxhaf6Qa%252Fhk8BXmOVrtzzlAdeb4I%253D%26amp%3Breserved%3D0%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EPhishing%20site%20--%26gt%3B%20%3CA%20href%3D%22https%3A%2F%2Fcration.co.crationfd.xyz%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fcration.co.crationfd.xyz%2F%3C%2FA%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMy%20question%3A%20Is%20there%20any%20ways%20I%20can%20report%20this%20malicious%20link%20to%20ATP%20as%20the%20email%20address%20we%20use%20to%20report%20phishing%20emails%26nbsp%3Bphish%40office365.microsoft.com%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERegards.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-297962%22%20slang%3D%22en-US%22%3ERE%3A%20Report%20links%20to%20ATP%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-297962%22%20slang%3D%22en-US%22%3EHi%2C%20I%20think%20you%20posted%20to%20the%20wrong%20group%2C%20your%20question%20is%20more%20around%20Office365%20ATP%20and%20phishing%20while%20and%20this%20group%20is%20for%20Azure%20ATP%20and%20ATA%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-296122%22%20slang%3D%22en-US%22%3ERe%3A%20Report%20links%20to%20ATP%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-296122%22%20slang%3D%22en-US%22%3E%3CP%3EStrangely%20enough%20-%20your%20message%20has%20popped%20up%20in%20my%20feed%20in%20outlook%20like%20this%3A%3C%2FP%3E%3CP%3E%3CSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fna01.safelinks.protection.outlook.com%2F%3Furl%3Dhttps%253A%252F%252Fcration.co.crationfd.xyz%252F%26amp%3Bdata%3D02%257C01%257Cmpoveda%2540osomco.com%257C19de26fd9af94e1b83fc08d65aec5764%257C11e3446147a646c4a3ca720f77590ccc%257C0%257C0%257C636796368469803590%26amp%3Bsdata%3DDVw%252BJK8%252FQVAL7P9yxhaf6Qa%252Fhk8BXmOVrtzzlAdeb4I%253D%26amp%3Breserved%3D0%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fna01.safelinks.protection.outlook.com%2F%3Furl%3Dhttps%253A%252F%252Fcration.co.crationfd.xyz%252F%26amp%3Bdata%3D02%257C01%257Cmpoveda%2540osomco.com%257C19de26fd9af94e1b83fc08d65aec5764%257C11e3446147a646c4a3ca720f77590ccc%257C0%257C0%257C636796368469803590%26amp%3Bsdata%3DDVw%252BJK8%252FQVAL7P9yxhaf6Qa%252Fhk8BXmOVrtzzlAdeb4I%253D%26amp%3Breserved%3D0%3C%2FA%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EPhishing%20site%20--%26gt%3B%20%3CA%20href%3D%22https%3A%2F%2Fcration.co.crationfd.xyz%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fcration.co.crationfd.xyz%2F%3C%2FA%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EEven%20though%20this%20is%20from%20*within*%20Outlook%2C%20if%20I%20click%20on%20the%20Phishing%20site%20link%20it%20takes%20me%20directly%20to%20it%20without%20using%20the%20safelinks....%3F%3F%3F%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EI%20wonder%20why%20that%20is%20the%20case%3F%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-295590%22%20slang%3D%22en-US%22%3ERe%3A%20Report%20links%20to%20ATP%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-295590%22%20slang%3D%22en-US%22%3E%3CP%3EI%20took%20to%20long%20writing%20my%20question%20%3AD%3C%2Fimg%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20686px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F61503i33AEF11211E17C59%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%222018-12-05%2015_15_16-Protecci%C3%B3n%20contra%20amenazas%20avanzada%20de%20Office%20365.jpg%22%20title%3D%222018-12-05%2015_15_16-Protecci%C3%B3n%20contra%20amenazas%20avanzada%20de%20Office%20365.jpg%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EBut%20bear%20with%20me...%20Is%20there%20any%20ways%20to%20report%20a%20link%3F%20Believe%20me%20the%20result%20was%20different%2030%20minutes%20ago.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Occasional Contributor

Hi everyone.

 

This morning I received a link from a customer arguing that ATP did not prevent him from open a Phishing Site. By this hour ATP takes you directly to the phishing site without a warning if you are on Edge. Google Chrome stops you with a big and ugly red background warning.

 

https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcration.co.crationfd.xyz%2F&data=02...

 

Phishing site --> https://cration.co.crationfd.xyz/

 

My question: Is there any ways I can report this malicious link to ATP as the email address we use to report phishing emails phish@office365.microsoft.com?

 

Regards.

3 Replies
Highlighted

I took to long writing my question :D

 

2018-12-05 15_15_16-Protección contra amenazas avanzada de Office 365.jpg

 

But bear with me... Is there any ways to report a link? Believe me the result was different 30 minutes ago.

Highlighted

Strangely enough - your message has popped up in my feed in outlook like this:

https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcration.co.crationfd.xyz%2F&data=02...

 

Phishing site --> https://cration.co.crationfd.xyz/

Even though this is from *within* Outlook, if I click on the Phishing site link it takes me directly to it without using the safelinks....???

I wonder why that is the case?

Highlighted
Best Response confirmed by mlottner (Microsoft)
Solution
Hi, I think you posted to the wrong group, your question is more around Office365 ATP and phishing while and this group is for Azure ATP and ATA