Secure your business

Protect against malicious sites

Your browser does not support video. Install Microsoft Silverlight, Adobe Flash Player, or Internet Explorer 9.
Art with text: Admin center is changing, See https://aka.ms/aboutM365Preview.

Advanced Threat Protection, or ATP, Safe Links help protect your organization from malicious links used in phishing and other attacks. Let's look at how to turn it on.

  1. From admin center at https://admin.microsoft.com, select Security, Threat Management, Policy, and then ATP Safe Links. To get the full power of ATP Safe Links protection in place, edit the default policy and also add a policy for specific users. Let's start by editing the default policy.

  2. Enter one or more URLs that you would like to have blocked for the people in your business.

  3. Select Office 365 ProPlus, Office for iOS and Android to apply protection to links in Office documents.

  4. Select Do not track user clicks, and select Do not let users click through and then Save. Next, we'll define a policy for specific users.

  5. Select the plus sign, add a name and a description if you like. Choose if you want URLs to be checked against a list of known malicious links.

  6. Select Use safe attachments to scan downloadable content to check links that point to downloadable content.

  7. Choose if you want safe links applied to messages sent from people within your organization, whether to track when users click safe links, and whether to prevent users from overriding a blocked link.

  8. Enter the URL for any trusted sites that don't need to be checked, such as your own public websites.

  9. Choose the people to apply the policy to. You may need to enter additional information. Select OK, then Save.

Wait 30 minutes for your policy to work its way through your data center. Now with ATP safe links enabled, when a user receives an email with a link, the link will be scanned. If the link is deemed safe, users will be able to click it. However, if the link is on the blocked list, users will see a message that it's been blocked.

Advanced Threat Protection, or ATP, Safe Links help protect your organization from malicious links used in phishing and other attacks.

Let's look at how to turn it on.

From admin center, select Security, Threat Management, Policy, and then ATP Safe Links.

To get the full power of ATP Safe Links protection in place, edit the default policy and also add a policy for specific users.

Let's start by editing the default policy.

Enter one or more URLs that you would like to have blocked for the people in your business.

Select this option to apply protection to links in Office documents.

Select Do not track user clicks, and select Do not let users click through and then Save.

Next, we'll define a policy for specific users.

Select the plus sign, add a name and a description if you like.

Choose if you want URLs to be checked against a list of known malicious links.

Select this option to check links that point to downloadable content.

Choose if you want safe links applied to messages sent from people within your organization, whether to track when users click safe links, and whether to prevent users from overriding a blocked link.

Enter the URL for any trusted sites that don't need to be checked, such as your own public websites.

Choose the people to apply the policy to. You may need to enter additional information. Select OK, then Save.

Wait 30 minutes for your policy to work its way through your data center.

Now with ATP safe links enabled, when a user receives an email with a link, the link will be scanned.

If the link is deemed safe, users will be able to click it.

However, if the link is on the blocked list, users will see a message that it's been blocked.

Expand your Office skills
Explore training
Get new features first
Join Office Insiders

Was this information helpful?

Thank you for your feedback!

Thank you for your feedback! It sounds like it might be helpful to connect you to one of our Office support agents.

×