Learn What IT Pros Need to Know About Windows 11 - August 26th at 1 PM ET! Learn What IT Pros Need to Know About Windows 11 - August 26th at 1 PM ET!
Office|Office 365|Outlook

Microsoft Continues Battle Against Malware with Outlook Add-in

Microsoft.com

Ongoing Battle Against Malware

I have covered the changing tactics used by Exchange Online Protection (EOP) in its ongoing battle to combat malware several times recently. EOP runs in the background to analyze and block suspicious email, using techniques like Dynamic Delivery to make sure that end users only receive safe email.

Inevitably, although Microsoft has some of the best security experts in the world working on EOP, a small percentage of bad stuff gets through and arrives into user mailboxes. Now, Microsoft is making it easier to report when unwanted email arrives in the Inbox. Or conversely, to let them know when Exchange redirects messages to the Junk Email folder and those messages are perfectly good.

A New Outlook Add-in

Microsoft’s solution is the “Report Message” add-in for Outlook 2016 that they automatically publish to Exchange Online users. The add-in shows up in the menu bar and is available when any email folder is chosen (the add-in is deactivated when Outlook is positioned in a non-email folder, like one that stores an RSS feed).

Sponsored Content

Read the Best Personal and Business Tech without Ads

Staying updated on what is happening in the technology sector is important to your career and your personal life but ads can make reading news, distracting. With Thurrott Premium, you can enjoy the best coverage in tech without the annoying ads.

Report Message Anti-malware add-in
Figure 1: The Report message add-in (image credit: Tony Redmond)

The intention is that people use the add-in to report bad messages that sneak into their Inbox to Microsoft. Messages can be reported as “Junk”, such as spam that you do not expect to see arrive into your Inbox, or “Phishing”, one of those dangerous messages that lure people into doing the wrong thing, like giving their credit card details to a friendly spammer. If a legitimate message ends up in Junk Email, you can tell Microsoft that something went wrong with their email screening.

Letting Microsoft Know

You can also send a copy of massages marked as Junk or Phishing to Microsoft to help them understand the characteristics or “signature” of the message and how it managed to evade EOP screening (Figure 2).

Outlook Report Message add-in Options
Figure 2: Junk Email Reporting Options (image credit: Tony Redmond)

The default is to ask before sending, which is a safeguard in case you select a message incorrectly. No one wants to accidently send copies of confidential emails to Microsoft. But the copies of reported messages are incredibly important to help Microsoft’s security researchers understand how attackers evolve their methods to avoid detection.

Making Things Easy

There’s nothing new in asking users to help improve the effectiveness of anti-malware technology by providing samples of messages that get through. In the past, Microsoft asked people to send copies or problem messages to them by email. Of course, everyone promptly forgot the email address or could not remember it when a problem message arrived. Building the functionality to report bad messages into Outlook is just sensible. Microsoft should probably have done this long ago. Some malware will always sneak through, but giving Microsoft examples of what does get through is a good way to help them close off the holes.

Everywhere in Office 365 Soon

The add-in is available to preview customers now and is likely to be rolled out to all Office 365 tenants after Microsoft has had a chance to evaluate customer feedback. In line with Microsoft’s strategy to make Outlook a brand where all clients get the same functionality when it makes sense, I expect to see this feature eventually turn up in OWA and the Outlook mobile clients.

And if you don’t like the idea behind the add-in, you can easily remove it. Which is what I expect spammers’ friends to do.

Follow Tony on Twitter @12Knocksinna.

Want to know more about how to manage Office 365? Find what you need to know in “Office 365 for IT Pros”, the most comprehensive eBook covering all aspects of Office 365. Available in PDF and EPUB formats (suitable for iBooks) or for Amazon Kindle.

Related Topics:

BECOME A PETRI MEMBER:

Don't have a login but want to join the conversation? Sign up for a Petri Account

Register
Comments (0)

Leave a Reply

Tony Redmond has written thousands of articles about Microsoft technology since 1996. He covers Office 365 and associated technologies for Petri.com and is also the lead author for the Office 365 for IT Pros eBook, updated monthly to keep pace with change in the cloud.

Register for Advanced Microsoft 365 Day!

GET-IT: Advanced Microsoft 365 1-Day Virtual Conference - Live August 24th!

Join us on Tuesday, August 24th and hear from Microsoft MVPs and industry experts about how to take advantage of Microsoft 365 at a technical level and dive deep into the features and functionality that will make your environment more secure and compliant.

RSVP Now

Sponsored By