Email security

Microsoft Exchange Online mistakenly quarantines legitimate emails as phishing

AI and Email

Coverage from Bleeping Computer indicates that Microsoft is actively investigating a significant issue impacting its Exchange Online service, where legitimate emails are being incorrectly identified as phishing attempts and subsequently quarantined. This ongoing problem, which began on February 5, is preventing affected customers from sending or receiving essential communications.

The root cause has been identified as a newly implemented URL rule designed to enhance the detection of sophisticated spam and phishing techniques. However, this rule is inadvertently flagging legitimate URLs within emails as malicious, leading to the misclassification and quarantine of valid messages. Microsoft has acknowledged the bug in a service alert, stating that the criteria for identifying suspicious emails have evolved, but this update has caused unintended consequences. While the exact number of affected customers and specific regions remain undisclosed, the incident is classified as having noticeable user impact. Microsoft is working to release quarantined emails and unblock legitimate URLs, with some users beginning to see previously flagged messages delivered.

Source: Bleeping Computer

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds