Security & compliance

Set up anti-phishing protection

Your browser does not support video. Install Microsoft Silverlight, Adobe Flash Player, or Internet Explorer 9.

Phishing is a malicious attack where an email looks like it was sent from a familiar source, but it attempts to collect your personal information. By default, Microsoft 365 includes some anti-phishing protection, but you can increase that protection by refining the settings. Let's take a look.

  1. In the admin center at https://admin.microsoft.com, select Security, Threat Management, Policy, then ATP Anti-phishing.

  2. Select Default Policy to refine it.

  3. In the Impersonation section, select Edit.

  4. Go to Add domains to protect and select the toggle to automatically include the domains you own.

  5. Go to Actions, open the drop-down If email is sent by an impersonated user, and choose the action you want.

    Open the drop-down If email is sent by an impersonated domain and choose the action you want.

  6. Select Turn on impersonation safety tips. Choose whether tips should be provided to users when the system detects impersonated users, domains, or unusual characters. Select Save.

  7. Select Mailbox intelligence and verify that it's turned on. This allows your email to be more efficient by learning usage patterns.

  8. Choose Add trusted senders and domains. Here you can add email addresses or domains that shouldn't be classified as an impersonation.

  9. Choose Review your settings, make sure everything is correct, select Save, then Close.

Your organization now has better protection from phishing threats.

Phishing is a malicious attack where an email that looks like it was sent from a familiar source, but it attempts to collect your personal information.

By default, Microsoft 365 includes some anti-phishing protection, but you can increase that protection by refining the settings. Let's take a look.

In the admin center, select Security, Threat Management, Policy, then ATP Anti-phishing.

Select Default Policy to refine it.

In the Impersonation section, select Edit.

Go to Add domains to protect and select the toggle to automatically include the domains you own.

Go to Actions, open the drop-down If email is sent by an impersonated user, and choose the action you want.

Open the drop-down If email is sent by an impersonated domain and choose the action you want.

Select Turn on impersonation safety tips.

Choose whether tips should be provided to users when the system detects impersonated users, domains, or unusual characters. Select Save.

Select Mailbox intelligence and verify that it's turned on.

This allows your email to be more efficient by learning usage patterns.

Choose Add trusted senders and domains.

Here you can add email addresses or domains that shouldn't be classified as an impersonation.

Choose Review your settings, make sure everything is correct, select Save, then Close.

Your organization now has better protection from phishing threats.

Expand your Office skills
Explore training
Get new features first
Join Office Insiders