M365 Changelog: Handling Malicious Intra-Organizational Messages by Default

MC678056 – Microsoft has turned on intra-organizational protection by default for high-confidence phishing messages that contain a malicious or spam-based URLs in Microsoft Defender for Office 365. Microsoft is doing this along with the handling of intra-organizational messages (MC577356).

When this will happen:

Rollout is complete for handling of intra-organizational messages by default. 

How this will affect your organization:

The default behavior is to quarantine intra-organizational messages that contain high confidence phishing URLs. If you want to opt-out of this behavior or opt-in to additional protection, you can adjust your preferences within the anti-spam policy. More information can be found in this Configure spam filter policies documentation.

If you do nothing, the policy will default to act on messages containing high confidence phishing URLs after rollout.

What you need to do to prepare:

You don’t need to do anything, however, if you don’t want to act on intra-organizational messages, you can opt-out by changing the Anti-spam setting to NONE. If you prefer to opt-in to additional protections, you can select one of the other options from the drop down.