79 votes14 comments · Office 365 Security & Compliance » Compliance Manager · Flag idea as inappropriate… · Admin →Jon commented
We had a standard user get this warning, only Severity said "High", and we are flagging it as Malware. Everything is identical to the above example and as mentioned the large font makes you think it is fake right off the bat. When you hover the mouse over the email section "User" it shows a k.martin@m not the actual email address you see displayed. Also, the "View Alerts" button looks as if it is redirecting to another site; however, I am not sure and not willing to try. Who would get these messages when they are legit? I would think only the Admins not a standard user, right? That was my first thought anyway as to why it wasn't legit. Had it went to someone in IT department then I would probably fallen for it. What procedures does Microsoft have in place to verify things like this? Is there anything set up where you can forward emails from Microsoft that you suspect aren't legit?