Secure your business

Protect against ransomware

Your browser does not support video. Install Microsoft Silverlight, Adobe Flash Player, or Internet Explorer 9.
Art with text: Admin center is changing, See https://aka.ms/aboutM365Preview.

Microsoft 365 helps protect your business against ransomware by preventing potentially dangerous files, like JavaScript, batch, and executables, from being opened in Outlook. To increase this level of protection by adding rules that block or warn you of additional types of files, follow these steps.

  1. From the admin center at https://admin.microsoft.com, choose Exchange under Admin centers.

  2. From the menu on the left, choose mail flow.

  3. On the rules tab, choose the arrow next to the plus (+) symbol, and then choose Create a new rule.

  4. On the new rule page, enter a name for your rule, scroll to the bottom, and then choose More options.

  5. Under Apply this rule if, select Any attachment, and then select file extension includes these words.

  6. In the box under specify words or phrases, enter the file extensions that you want the rule to be applied to, such as file extensions that can contain macros. Use the plus (+) symbol to add them one at a time.

    Learn more about file types by reading Protect against ransomware.

  7. Scroll down to review your list, and then choose OK.

  8. On the new rule page, choose add condition, and then choose a condition under Do the following.

    You have many rule options to choose from, but in this example we'll choose to Notify the recipient with a message.

  9. Enter message text for your notification, and then chose OK.

  10. Optional: On the new rule page, choose add exception, and enter any details for exceptions to your rule, such as messages from trusted senders.

  11. On the new rule page, choose Save, and review the rule summary information provided.

Microsoft 365 helps protect your business against ransomware by preventing potentially dangerous files, like JavaScript, batch, and executables, from being opened in Outlook. You can increase this level of protection by adding rules that block or warn you of additional types of files.

From your admin center, select the Exchange admin center, and then mail flow.

On the rules tab, open the plus symbol drop-down and create a new rule.

Give your rule a name, then scroll to the bottom and select More options. Indicate when your rule should be applied. Select Apply this rule if, then Any attachment, then file extension includes these words. Enter the file extensions that you want the rule to be applied to, such as file extensions that can contain macros. Use the plus sign to add them one at a time. Scroll down to review your list, and then select OK.

Select add condition and a condition from the list. In this case, let's choose Notify the recipient with a message. Then enter the notification message you want the recipient to see. Select OK.

You can also add exceptions, like not applying the rule when a message is sent from a trusted individual.

Finish filling out the form, and select OK. Choose Save.

Review the rule summary information here.

When recipients receive attachments containing one of the specified extensions, they'll receive a separate email that warns them of the possible threat.

Expand your Office skills
Explore training
Get new features first
Join Office Insiders

Was this information helpful?

Thank you for your feedback!

Thank you for your feedback! It sounds like it might be helpful to connect you to one of our Office support agents.

×