Microsoft 365 Alert – Service Degradation – Exchange Online – Users’ legitimate inbound email messages containing specific URLs are being incorrectly marked as phish – NEW
30/10/2024 15:06:00 PM
NHSmail Reference: INC46588636
Microsoft Reference: EX921449
Issue Status: OPEN
Issue Description: Users’ legitimate inbound email messages containing specific URLs are being incorrectly marked as phish.
Current Update: 30/10/2024 15:06:00 PM – Microsoft have identified that their automated anti-spam procedures is incorrectly blocking email messages based on certain URLs, which is causing inbound email messages to be marked as phishing and quarantined due to a signature which is flagged as malicious. They are further reviewing the machine learning logic behind the quarantines to further assess their remediation options.
Scope of impact: Impact is specific to some users who are expecting to receive inbound email messages who are served through the affected infrastructure.
Root cause: Their automated anti-spam procedures is incorrectly blocking email messages that contain a specific URL, which is causing inbound email messages to be marked as phishing and quarantined due to a signature which is flagged as malicious.
Next update by: Wednesday, October 30, 2024, at 4:30 PM UTC