Microsoft 365 Alert – Service Degradation – Exchange Online – Some users’ email messages including specific URLs may be being flagged as phishing and quarantined in Exchange Online – RESOLVED
21/06/2024 08:48:00 AM
NHSmail Reference: INC43812033
Microsoft Reference: EX803530
Issue Status: RESOLVED
Issue Description: Users’ email messages including specific URLs may be incorrectly flagged as phishing and quarantined in Exchange Online
Final Update: 25/06/2024 08:32:00 AM – Microsoft’s extended service monitoring has confirmed that following their removal of affected messages from quarantine and their delivery to intended recipients, impact has been remediated.
Scope of impact: Any user with messages including the URLs with the affected domains may be impacted by this event.
Root cause: A recent change caused domain creation dates to be identified as newly created, which is causing reputation issues with our phishing detection systems, and any messages containing the URLs with the affected domains are being flagged as phishing and quarantined.
Next steps: Microsoft are further analyzing the offending service update to better understand the problems it produced to the domain creation dates and so they can help identify similar issues during their pre-deployment testing and validation processes.