SOLVED

Requesting a review of a blocked link - Safe Links Advanced Threat Protection

Copper Contributor

We receive several emails from companies that use a particular click counting service that appears to have been flagged as malicious by Advanced Threat Protection. Is there a way for me to request that the links be reviewed to verify that the site is hosting malicious code and if not for the block to be changed?

17 Replies
best response confirmed by Jimmy_Comer (Copper Contributor)
Solution

Yes, read the last item in the FAQ here: https://technet.microsoft.com/en-us/library/mt789012(v=exchg.150).aspx

 

Well, read the whole FAQ, it's great! 🙂

Thank you. I had probably seen that before but forgot it was there. I'm not really sure why Microsoft support could not have pointed me there. I did one final check before sending in the URL's and they are no longer flagged as malicious.

Dusting this off, I've got the same question, i'd like to confirm that you are referring to the "Malware Protection Center" (https://www.microsoft.com/security/portal/submission/submit.aspx) -- it seems maybe that is specifically for ATP Safe Attachments, rather than safe links (though maybe I am reading it wrong).

There is also a place for reporting missed URLs, but I dont see the one specifically for URLs that are for false positives for Safe Links.

I dont think there's a special place for Safe Links, but I can at least ask 🙂

Sorry to resurrect a dead thread, but we are having the same problem as Jimmy with ATP "Safe Links" reporting a legit website as dangerous/malware/phishing. I have searched but have not found a place to report and resolve this false positive? Any ideas?

 

The site is not flagged by SmartScreen in Edge, so I'm unable to file a report there. The warning only appears in Outlook.com and Office 365 when a link to our site is clicked.

 

Thanks for any pointers!

Jonathan

Same question from me please - got a link that no other phishing/malware-check is reporting as being a problem and we're pretty sure the email's provenance is good... but no way we can see of reporting/checking with Microsoft to find out why it's being flagged.
On a similar note, it would be useful to know how to flag a link as being 'unsafe' - we've had a spate of emails recently that contain links that are clearly phishing for the user's O365 login but which are not being picked up by ATP

The whitelist is only good for the organization you admin for. The solution we are seeking is across all of Office 365 and Outlook.

Understood, and I agree, it would be great to have a place to refer the companies I have to whitelist to for larger resolution with MS as a whole. 

Hi Microsoft,

 

Do you have any updates on this ? It would be efficient, office 365 wise, to have a place where to submit safe links false positives.

 

Thanks in advance!

@ragnar286 we have same problem here. The article you point to links to Office 365 "Security & Compliance Center". To access that, one needs to have a subscription to Office 365 for Business Premium. One should not be required to a paid subscription just to submit a URL for evaluation/review.

 

We are a SAAS company who sends lots of emails with links to perform various actions as result of the customer reservation. Only in the last few days we have noticed ATP Safe Links is blocking (or at least showing a warning message) all the links in our emails. This is not just for one Office account.

Where do we submit these links for re-evaluation, without having to subscribe to your office suite?

 

@Bookeo_Help +1 we have experienced something similar and can find no ways to petition our links for review, despite Microsoft being customers and our SaaS being Microsoft Approved Vendors. How do we remove our links from Office 365 Safe Links?

@Bookeo_Help

@zach__moreno 

 

We are currently having exactly the same problem.  Everything on our domain is being blocked by safelinks.  Did you find a solution to this issue?  To get Microsoft to re-evaluate your domain?

 

Thanks a lot

Hi everyone...we are starting to see same behavior for our domain...being blocked by safelinks. Did anyone here manage to solve this issue..?

Thanks!

@Bookeo_Help

@nicholaswestley 

@matjazs 

 

Did any of you have any resolution to this? We're experiencing similar issues as a SaaS provider.

1 best response

Accepted Solutions
best response confirmed by Jimmy_Comer (Copper Contributor)