Advanced Threat Protection (ATP) for Email

Microsoft Advanced Threat Protection (ATP) is a new layer of email filtering and protection that works to protect your university Office365 email account. The key ATP protections include phishing mitigation, attachment scanning, and link/URL checking. These actions happen in real time with little/no delay to your messages.

Why we are using ATP?

Phishing, malware/virus delivery, and spoofed links continue to grow in sophistication and success worldwide. We are engaging Microsoft's tools to help protect our users and infrastructure.

What do I need to do?

You will notice an increase in the amount of email that is automatically placed into Junk Email and Quarantine, so we strongly suggest monitoring these areas. You can read more about this at http://help.mail.colostate.edu/tt_o365_release-quarantine.aspx.

What ATP does to your email

Phishing Protection

• Any message that is determined to be a phishing attempt will be moved to your Junk Email folder. No further action (such as "reporting to abuse") is required, unless a legitimate message ends up in the Junk Email folder. If that happens, contact help@colostate.edu.

Attachment Scanning

Process

• The scanning process starts immediately after the message is received and usually takes less than a minute to complete
  Note: on occasion, some attachments will take longer to scan. Depending on the number, type and size of the attachment(s), and the method used by Microsoft to scan a particular attachment, the scan could take multiple minutes. Please be patient waiting for scans to complete.
• While the scan is underway, a preliminary version of the email with the attachment removed is available in your inbox.
• Once scanning is complete, the preliminary email message will be swapped out with the final one, including the safe attachment.

Details

• Examples of how the scan in progress version might look before scanning is complete:
  
  
  Remember this may only appear for a few moments until the attachment has been scanned.
  
• It is possible to click on this "scan in progress" version - you will be sent to a Microsoft page to view the attachment:
  
• When attachments are deemed unsafe you will still be able to see the email message, but the attachment will be rejected

Link/URL Checking

"Safe Links" provides time-of-click verification of web addresses (URLs) in email messages and Office documents. When clicking on the link in an email, the URL is scanned to determine if the link is safe: if so, the web page is presented.

• URL/Link behaviors and appearance may be different from what you are used to: actions such as hovering over a link or copying a link may include special (safelinks) formatting or text in the URLs in some scenarios.
• Links in email messages sent using "HTML" will keep their display (clickable) web links as written (e.g. https://www.colostate.edu).
• Links in email messages sent using plain text will have their display (clickable) links rewritten and will look similar to https://nam01.safelinks.protection.outlook.com/?url=www.colostate.edu&data=first.last@colostate.edu
• Clicking on links deemed unsafe will cause a warning message to appear:
  

   

  Questions

  Please email help@colostate.edu

   

  Reference: https://docs.microsoft.com/en-us/office365/servicedescriptions/office-365-advanced-threat-protection-service-description

  
  
  
  
  
  
  
  
  
  
  

Home

Search

Contact Us

Microsoft 365 Portal

FAQs

O365 Account Status

Help Docs

Download Office

OneDrive for Business

SharePoint Online

Office 365 Groups

Microsoft Teams

Microsoft Bookings

Azure AD Groups

Device Based Subscription

Resource Management

Res Coordinator Tools

Resource Naming Conventions

Resource Departments & Contacts

Assigned Prefixes

Division of IT Home | Disclaimer | Equal Opportunity | Privacy Policy | Search CSU