Links are often included in email messages because they deliver additional information or provide an avenue for action. However, they also introduce risk because we have grown accustomed to clicking without careful investigation. Bad actors exploit this. They craft superficially misleading links that send recipients to credential harvesting websites or ones that install malware.
There are multiple layers of protection in place to help protect the community against email exploits. ITS utilizes Microsoft’s Advanced Threat Protection (ATP) in our email environment. It includes Safe Links, which rewrites the link to pass through Microsoft as a proxy. They take responsibility for analyzing destinations, and if the original URL is known to reference a website that has been classified as malicious, recipients are prevented from visiting the site and are redirected to a Microsoft alert instead. ITS strongly recommends that recipients assess the validity of messages and their links before they click. If they view the message in HTML format, they can hover over the link, and the email reader will display the original URL. However, plain-text views of email display the longer, more complicated form of the URL that Safe Links introduces, and this can make review much more difficult. In this situation, they can use a Safe Link decoder, such as o365atp.com, to recast the rewritten URL back to its original form for easier review. More information about Advance Threat Protection and Safe Links is available on the Knowledge Base.
We request that you share this information with people in your area and encourage them to engage with ITS by emailing firstname.lastname@example.org if they have questions about email security or Safe Links.