Preset security policies provide a centralized location for applying all the recommended spam, malware, and phishing policies at once. The policy settings are not configurable. Instead, they are set by Microsoft and are based on their observations and experiences for a balance between keeping harmful content away from users and avoiding unnecessary disruptions.

Protecting your business from unknown email threats in real-time by using intelligent systems that inspect attachments and links for malicious content and prevent impersonation that could lead to successful phishing attacks.

Safe attachments uses a virtual environment to check attachments in inbound email messages after they have been scanned by anti-malware protection. This method helps analyze behavior and other indicators to protect against new forms of malware.

Safe links provides URL scanning of inbound email messages in mail flow, and time of click verification of URLs and links in email messages and in other locations. This helps ensure links in emails and Office documents are safe, even if the content at the link destination has changed.

By opening files that contain malicious macros, users can introduce ransomware to the business. To help prevent this, we can insert a warning to the user or block completely whenever a file type that may contain macros flows through the email system.

Enabling SPF is the first step in setting up the fully recommended email authentication methods. SPF identifies which mail servers are allowed to send email on your behalf to help prevent spoofing and phishing.

Enabling DKIM is the second step in setting up the fully recommended email authentication methods. DKIM adds a digital signature to outbound email messages in the header of the email. This furthers the prevention of attackers from sending messages that look like they come from your domain.

Enabling DMARC is the third step in setting up the fully recommended email authentication methods. DMARC ensures the destination email systems trust message sent from your domain. This helps receiving mail systems decide what to do with messages from your domain that fail SPF or DKIM checks.

Blocking email attachments that contain file types that are commonly used for spreading malware.

If a cybercriminal gains access to a user’s account, they may auto-forward that person’s email to an outside account. This allows the attacker to watch the flow of email over extended periods of time, looking for opportunities to steal other people’s credentials and impersonate others – for example, to divert payments to a fake supplier.