cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Sent from Outlook for iOS links Being Quarantined in Defender

Brok3NSpear
Brass Contributor

‎Apr 24 2024 11:44 PM

‎Apr 24 2024 11:44 PM

Sent from Outlook for iOS links Being Quarantined in Defender

Hi,

 

Microsoft seem to be falsely flagging their own shortening URL for hxxps://aka.ms/o0ukef as High Confidence Phishing

 

This is the link that is created in emails when a user sends an email from Outlook for iOS

Brok3NSpear_1-1714027286834.png

 

Brok3NSpear_0-1714027151298.png

 

This is causing a lot of emails to be blocked and sent to the Quarantine queue.

 

Can someone at MS take a look and get this addressed.

175 Views
0 Likes
1 Reply
Reply
1 Reply
UrjaGandhi

‎May 10 2024 01:24 PM

‎May 10 2024 01:24 PM

Re: Sent from Outlook for iOS links Being Quarantined in Defender

Summary: Recently, Microsoft Defender for Office 365 observed false positives from heuristic-based detections related to URLs targeting fake Microsoft notification emails, e.g. Password expiry notifications. These detections are used to target the ever-changing email threat landscape and adjust to new tactics and techniques by various threat actors. These specific detections have been adjusted and the false positive issue has been mitigated. Furthermore, Microsoft Defender for Office 365 has implemented a long-term solution to handle such aka.ms links in a more robust fashion.

Thanks,
Microsoft Defender for Office 365 Product Group
0 Likes
Reply