Home

Phishing Detection in Microsoft Forms

%3CLINGO-SUB%20id%3D%22lingo-sub-754552%22%20slang%3D%22en-US%22%3EPhishing%20Detection%20in%20Microsoft%20Forms%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-754552%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20a%20question%20about%20the%20recent%20announcement%20for%20phishing%20detection%20in%20Microsoft%20Forms.%20I%20understand%20the%20detection%20for%20new%20Forms.%20Maybe%20someone%20from%20Microsoft%20can%20also%20explain%20some%20details%20for%20existing%20Forms%3F%20Do%20you%20analyse%20published%20Forms%20from%20the%20past%20too%2C%20or%20just%20new%20Forms%3F%20And%20if%20yes%2C%20what%20will%20happen%20with%20these%20type%20of%20Forms%3F%20The%20same%20like%20if%20you%20detect%20a%20phishing%20Form%20in%20the%20design%20phase%3F%3CBR%20%2F%3E%3CBR%20%2F%3EThanks%3CBR%20%2F%3ETobias%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-754552%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EForms%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-793381%22%20slang%3D%22en-US%22%3ERe%3A%20Phishing%20Detection%20in%20Microsoft%20Forms%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-793381%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F8684%22%20target%3D%22_blank%22%3E%40Tobias%20Asb%C3%B6ck%3C%2FA%3EAccording%20to%20the%20announcement%20in%20the%20Message%20Center%2C%20the%20detection%20is%20performed%20at%20design%20time.%26nbsp%3B%20In%20my%20testing%2C%20it%20appears%20that%20as%20long%20as%20you%20do%20not%20try%20to%20edit%20a%20previously%20created%20Form%2C%20it%20will%20not%20be%20audited%20for%20phishing.%26nbsp%3B%20Below%20is%20the%20specific%20language%20from%20the%20message%20center%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20style%3D%22color%3A%20%23505050%3B%20font-family%3A%20'Segoe%20UI'%2C%20Segoe%2C%20Tahoma%2C%20Helvetica%2C%20Arial%2C%20sans-serif%2C%20SegoeUI-Regular-final%3B%20font-size%3A%2015px%3B%20font-style%3A%20normal%3B%20font-variant-ligatures%3A%20normal%3B%20font-variant-caps%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%200.12px%3B%20orphans%3A%202%3B%20text-align%3A%20justify%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20white-space%3A%20pre-line%3B%20widows%3A%202%3B%20word-spacing%3A%200px%3B%20-webkit-text-stroke-width%3A%200px%3B%20background-color%3A%20%23ffffff%3B%20text-decoration-style%3A%20initial%3B%20text-decoration-color%3A%20initial%3B%20display%3A%20inline%20!important%3B%20float%3A%20none%3B%22%3EThis%20new%20feature%20will%20be%20applied%20to%20all%20public%20forms%20(when%20forms%20setting%20is%20%E2%80%9CAnyone%20with%20the%20link%20can%20respond%E2%80%9D)%20created%20within%20your%20tenant.%20The%20automatic%20detection%20will%20be%20running%20at%20Forms%20design%20time%20and%20if%20any%20suspicious%20phishing%20contents%20(i.e.%20what%E2%80%99s%20your%20password%3F)%20are%20detected%2C%20the%20form%20will%20be%20automatically%20blocked%20for%20sharing%20and%20response%20collection.%20This%20would%20not%20be%20a%20permanent%20block%20as%20the%20form%20can%20be%20unblocked%20if%20the%20form%20designer%20removes%20the%20suspicious%20phishing%20question.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-828118%22%20slang%3D%22en-US%22%3ERe%3A%20Phishing%20Detection%20in%20Microsoft%20Forms%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-828118%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1023%22%20target%3D%22_blank%22%3E%40Jeremy%20Miller%3C%2FA%3E%26nbsp%3BThanks%20for%20your%20answer%2C%20and%20sorry%20for%20the%20late%20reply.%20I%20can%20confirm%20that.%20A%20few%20days%20after%20I%20posted%20the%20question%20I%20opened%20an%20Office%20365%20support%20case%20with%20the%20same%20question.%20The%20support%20confirmed%2C%20as%20long%20as%20an%20author%20does%20not%20modify%20the%20questions%20of%20an%20existing%20form%20nothing%20happens.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Tobias Asböck
Contributor

Hello,

 

I have a question about the recent announcement for phishing detection in Microsoft Forms. I understand the detection for new Forms. Maybe someone from Microsoft can also explain some details for existing Forms? Do you analyse published Forms from the past too, or just new Forms? And if yes, what will happen with these type of Forms? The same like if you detect a phishing Form in the design phase?

Thanks
Tobias

2 Replies
Highlighted

@Tobias Asböck According to the announcement in the Message Center, the detection is performed at design time.  In my testing, it appears that as long as you do not try to edit a previously created Form, it will not be audited for phishing.  Below is the specific language from the message center:

 

This new feature will be applied to all public forms (when forms setting is “Anyone with the link can respond”) created within your tenant. The automatic detection will be running at Forms design time and if any suspicious phishing contents (i.e. what’s your password?) are detected, the form will be automatically blocked for sharing and response collection. This would not be a permanent block as the form can be unblocked if the form designer removes the suspicious phishing question.

Highlighted

@Jeremy Miller Thanks for your answer, and sorry for the late reply. I can confirm that. A few days after I posted the question I opened an Office 365 support case with the same question. The support confirmed, as long as an author does not modify the questions of an existing form nothing happens. 

Related Conversations
Unable to upload .msg files via forms
NaveenKumar_M in Microsoft Forms on
2 Replies
Formatting Table Data in Microsoft Forms
Nickyl in Microsoft Forms on
2 Replies
Deleted forms don't actually delete
cf247reed in Microsoft Forms on
4 Replies
Adding client identifiers on each page
teenyh in Microsoft Forms on
0 Replies
Permanent home for a form for ongoing input?
OldFatDog in Microsoft Forms on
2 Replies
Can't re-open a survey - suggestions?
chicago225 in Microsoft Forms on
3 Replies