Microsoft 365 Alert – Service Degradation – Exchange Online – Users’ legitimate inbound email messages containing specific URLs are being incorrectly marked as phish – NEW

30/10/2024 15:06:00 PM

NHSmail Reference: INC46588636

Microsoft Reference: EX921449

Issue Status: OPEN

Issue Description: Users’ legitimate inbound email messages containing specific URLs are being incorrectly marked as phish.

Current Update: 30/10/2024 15:06:00 PM Microsoft have identified that their automated anti-spam procedures is incorrectly blocking email messages based on certain URLs, which is causing inbound email messages to be marked as phishing and quarantined due to a signature which is flagged as malicious. They are further reviewing the machine learning logic behind the quarantines to further assess their remediation options.

Scope of impact: Impact is specific to some users who are expecting to receive inbound email messages who are served through the affected infrastructure.

Root cause: Their automated anti-spam procedures is incorrectly blocking email messages that contain a specific URL, which is causing inbound email messages to be marked as phishing and quarantined due to a signature which is flagged as malicious.

Next update by: Wednesday, October 30, 2024, at 4:30 PM UTC

back to top