New feature for Outlook, Microsoft Unverified Senders

New feature for Outlook, Microsoft Unverified Senders

Office 365 warns about suspicious emails with unverified senders

Microsoft is rolling out a great new feature for Office 365 labeled ‘Unverified Sender’ it has been designed to help users identify potential spam or phishing emails that reach their Outlook inbox.

When most of us are busy at work dealing with 101 things, it’s easy to accidentally click on a malicious email and action it, it looks so authentic and it’s from your director, or so you think. Microsoft’s new feature for outlook users could really help identify these emails quicker before they even arrive at your inbox.

Unverified senders

“Unverified sender is a new Office 365 feature that helps end-users identify suspicious messages in their inbox,” says the company on the new feature’s Microsoft 365 roadmap entry.

“In order to help customers identify suspicious messages in their inbox, we’ve added an indicator that demonstrates Office 365 spoof intelligence was unable to verify the sender.”

The new indicators will be shown in the user’s Outlook inbox for messages where the client couldn’t verify the sender’s identity using email authentication techniques.

If Unverified Sender is toggled on, all emails that come from the unverified sender will have the sender’s photo or initials replaced with a question mark in the people card as shown above. This will make it easier for Office 365 users to quickly detect potential phishing attacks or potential sender spoofing attempts says Microsoft.

When one of the emails in your inbox gets marked by the Office 365 Unverified Sender feature, you should be careful while interacting with them as they could be malicious or being sent by a potential attacker that spoofed the sender.

Microsoft also states that emails will not be analyzed using the Unverified Sender filter if  the user has set the sender as a ‘Safe Sender’ in their inbox or the messages were delivered to the user’s Outlook inbox via an admin allow list, including Email Transport Rules (ETRs), Safe Domain List (Anti-Spam Policy), or Safe Sender List.

The suspicious email indicator is going to be automatically tagged with a question mark if the message did not “pass either SPF or DKIM authentication and receive either a DMARC pass or a composite authentication pass from Office 365 Spoof Intelligence.”

More from Microsoft ‘Unverified Sender’

Microsoft provides more information on how to properly validate outbound emails sent from Office 365 custom domains using DKIM and on how to prevent spoofing by configuring SPF in Office 365.

Read more here from Microsoft on how to spot suspicious emails and how to uses ‘Unverified Sender’ in outlook.

Contact Curatrix Technologies for help

If you require help with your Office 365 and outlook settings call one of our experts at Curatrix Technologies on +44 (0)33 3241 2226 or email enquiries@curatrix.co.uk

Microsoft Partners