Custom Safety Tips
We would really like to be able to raise a few custom Safety Tips on inbound messages.
For starters, it would be great to raise a Safety Tip on every message originating from an external sender, i.e. every inbound message. A simple safety tip that read "Notice: This message was sent from outside our organization. Please use caution with links an attachments" would work wonders.
Another Safety Tip, perhaps with a warning level, to flag messages that fail SPF checks would also help.
The idea is to provide actionable information to message recipients so that they can make better decisions about phishing attacks.
Safety Tips would be great for this, because they do not modify either the message subject or message body.
Edward Murphy commented
From an Office 365 Admin at a school dealing with phishing emails, we would really benefit by being able to create custom safety tips to notify users emails of potential malicious emails/links
Zac B commented
I'd love to be able to have a check that can warn the users.
DIsplay name matches an internal user but from an external sender.
David Rubino commented
This should be expanded to basically allowing us to customize a tip based on any type of message based on the read action. Shouldn't have to purchase anything else just to have basic protections or added functionality without modifying the whole message.
Terry Zink (Senior PM in Office 365) commented
Don't have anything to say on the External safety tip, but for unauthenticated email this is available for Advanced Threat Protection customers, see http://aka.ms/LearnAboutSpoofing for how we treat unauth'ed messages.
why not using a Visual Cue.
this will help you.. then only bad point is that you will get emails from your users complaining that it will reduce the possibility to see thepreview of the email on their mobile phone
Display Custom Safety Tip as a new Rule Action would be better yet. If one or more Safety Tips could be raised via a mail flow/transport rule, we could easily control when they were displayed.
We could, for example, suppress Safety Tips if the message has an SCL of -1, or if the sender is on the recipients trusted senders and domains list.*
*Actually, this capability is probably a feature request, in and of itself.