Microsoft Advanced Threat Protection (ATP)

What is Advanced Threat Protection?

Troy University IT has implemented Microsoft's Advanced Threat Protection (ATP) service as part of our ongoing cybersecurity initiative to protect TROY’s network, infrastructure, and clients from malware and unsafe links, such as those that have appeared in recent phishing scam emails. ATP analyzes incoming email and blocks malware and unsafe links.

How does ATP work?

ATP provides two-part protection: Safe Links and Safe Attachments.

Safe Attachments

This feature checks email message attachments for malware and viruses. If an attachment is found to contain malicious content, the email will be blocked.

Safe Links

When a message contains a clickable image or text, the original address of the link will be replaced with a “safe link”. The safe link directs your browser to an Office 365 service that tests to determine if the original address is potentially dangerous. Safe links contain "safelinks.protection.outlook.com/" near the beginning of the link. If you point your mouse at a link, you'll see where the link points. The samples below show the server na01.safelinks.protection.outlook.com is being used to check an original link that pointed to www.troy.edu

 

Safelinks protected email link

Please Note: Currently, Safe Links are applied only to the links sent from non-TROY addresses. 

In the upcoming months, SafeLinks will be applied to all internal and external emails.

 

Malicious Links

If a link in your message points to a location that has been verified to be malicious in some way, Safe Links will stop you from accessing that location when you click on the link. If you think a site has been blocked by mistake, please report it to spam@troy.edu by forwarding the message as an attachment. On a PC, click “More” in Outlook, then “Forward as Attachment”. On a Mac, click “Message”, then “Forward as Attachment”

This service does not guarantee that all links which are scanned are safe, but does guard against many known unsafe sites and is continually updated with new information about malicious sites.

A blocked Safe Link will take you to a site like this:

 

Safelinks Malicious link warning

 

Which email accounts will be protected by ATP?

ATP protection will be enabled for all Faculty, Staff and Students who use Troy University’s Office 365 platform. Alumni accounts are not covered by this protection.

Can I opt out?

No.  All Troy University Office 365 accounts will be protected.

Cyberattacks are becoming more and more sophisticated and there will continue to be events that may circumvent these safeguards. Office 365 is a cloud-based platform that Microsoft continues to improve, and they will continually update the detection functions within ATP, which will help to protect Troy University from future cyber threats.

Avoid URLs when typing an Email

Due to the recent increase of sophisticated phishing attempts, Troy University IT is asking that users no longer include clickable hyperlinks in emails. Instead, we recommend providing brief instructions on how to access the hyperlink along with any additional information that is needed.

For Example:

Example of how to direct users to link

Note that most devices and/or mail clients now enable smart links which scan the content and automatically create hyperlinks for telephone numbers, addresses, possibly meeting times and other discoverable data.

TROY IT encourages you to avoid clicking on any links, even if it is from a trusted source.  Instead, enter the address directly into your browser and/or contact the source to verify the content.  You may also forward any suspicious emails to spam@troy.edu for review.

 

Please submit a Helpdesk ticket if you suspect that ATP may be blocking legitimate links and/or attachments.