Feb 08 2024 03:19 PM
Hi all,
From what I have read I am expecting the marking of emails as Phishing using the Report message add-in in Outlook should result in an Alert generating in XDR based on the default "Email reported by user as malware or phish" policy, but this is not happening in my tenant. Alerts for junk email are getting created, along with Incidents.
Some assistance identifying whey Alerts are not generating for emails reported as phishing would be much appreciated.
Feb 09 2024 02:13 AM
@Edmund_Fearon
Hey, alerts for this are default policy. Go to "Policies & Rules" under Email and Collaboration and choose 'Alert Policy', from here make sure the "Email reported by user as malware or phish" rule is enabled.
Feb 12 2024 11:43 AM
I've seen the same behavior in the past week. Our default alert is enabled and correct. It hasn't been modified in 7+ months.
We receive *some* email notifications stating an email was reported. There haven't been any incidents created for reported phishing emails since 2/2.
Feb 13 2024 10:35 AM
May 22 2024 05:08 AM