Office 365 Anti-Phishing Policy Configuration [CHK-1063]
Office 365's built-in anti-phishing features can be enhanced by setting up Anti-Phishing policies. These policies can be refined to ensure better detection and prevention of phishing attacks, such as deception and spoofing.
Rationale
This configuration protects users against phishing attacks and uses safety tips to warn users about potentially harmful messages.
Fix
An automated fix is not available for this check. To fix it yourself, follow these steps:
- Navigate to Microsoft 365 Defender.
- Expand Email & Collaboration and select Policies & Rules.
- Select Threat policies.
- Under policies, select Anti-Phishing.
- Select the Office365 AntiPhish Default (Default) policy and click Edit protection settings.
- Set the Phishing email threshold to at least 2 - Aggressive.
- Under Impersonation, turn ON: Enable mailbox intelligence (Recommended) and Enable Intelligence for impersonation protection (Recommended).
- Under Spoof, turn ON: Enable spoof intelligence (Recommended).
Impact
Implementing these changes will enhance the protection of users against phishing attacks, reducing the risk of deception and spoofing.
More Information
- Microsoft 365 Defender
- CIS Item: 4.6 (L1) Ensure that an anti-phishing policy has been created
- Profile: E5 Level 1