MIT's email security configuration now quarantines high-confidence phishing threats

February 2, 2024

Please be aware IS&T has recently made a change to the O365 email system for MIT users. High Confidence Phishing threats are now being held remotely in O365’s Quarantine and stopped from reaching your inboxes.

To see what messages are being held, users should, from time to time, go to 

https://security.microsoft.com/quarantine 

and review the messages. Delete the messages that are definitely phishing or spam and release the messages that you know are definitely legitimate. 

The email notice from IS&T is included below:

 

Begin forwarded message:

From: Olu Brown <obrown@mit.edu>
Subject: MIT's email security configuration now quarantines high-confidence phishing threats
Date: January 29, 2024 at 6:29:57 PM EST

For your awareness, MIT's email service provider, Microsoft Office 365, has updated its security configuration to better protect its users and overall email infrastructure.

Previously, Information Systems and Technology (IS&T) had opted MIT into a configuration that allowed all messages marked as spam, regardless of threat level, to be delivered to the user's Junk Email folder. 

To date, Microsoft updated its service configuration so messages identified as "high confidence phishing" threats now must be held in Office 365’s quarantine, rather than delivered to the user's Junk Email folder. Delivering messages flagged as a phishing risk with high confidence to the Junk Email folder is no longer an option.

To view messages held in quarantine, visit:
https://security.microsoft.com/quarantine 

Note: Some users may have a folder in Outlook named Quarantine. This is not where quarantined messages are held now. 

When messages are quarantined, users will be notified by email from quarantine@messaging.microsoft.com. Messages are held in quarantine for 30 days. If the user reviews a quarantined message and determines that it should not have been held, they can request to have it released from quarantine and delivered to their inbox.

An example of the email notification is in the Knowledge Base: http://kb.mit.edu/confluence/x/jAITCg 

Remain vigilant
While Microsoft's security protections are robust, some threats will make it to inboxes. Please remind the community members you support to report suspicious emails to the IS&T Information Security team. In Outlook, there is a “PhishAlert” button to make the process easier. For those who do not use Outlook, the best way to report a suspicious message is to  forward the email as an attachment to phishing@mit.edu.

If you have questions or need help with your MIT email, contact the IS&T Service Desk by calling 617-253-1101, emailing servicedesk@mit.edu, or using the chat feature in the MIT Atlas app.

Thank you,

Olu

Olujimi Brown
Associate VP of Technology
Information Systems & Technology (IS&T)
Massachusetts Institute of Technology
Phone: 617-258-7870
Mobile: 617-413-8810
Email: obrown@mit.edu