Microsoft 365 Safe Links

A University-wide Safe Links policy is implemented to improve security of Microsoft 365 Services, in order to protect staff and students from phishing and similar attack attempts.

What is Safe Links?

Safe Links is part of Microsoft's Defender platform and helps better protect users (staff and students) from malicious links in emails. Safe Links checks links/URLs to see if they are malicious or safe before loading the web page. If the link leads to an attachment, the attachment will be scanned for malware. If the link is identified as insecure, the user is taken to a page displaying a warning message, as shown below.

 

warming Picture 4

 

 

 

Safe Links also scans any documents available on that link at the time of click to prevent malicious file downloads to user devices.

In summary, Safe Links service is part of Microsoft 365 Advanced Threat Protection (ATP) for organisations, that are designed to protect users from email phishing attempts.

 

 

What will be Different? 

Nothing significant will be different in the way email service operates. Please note however, that the hyperlink in the emails that is received by users, may be rewritten (or wrapped) and appear differently than they would normally appear. This will occur in emails that are displayed in plain text  and may result in some visual impact. Emails displayed in HTML format are not affected.

A link/URL rewritten (or wrapped) with Safe Links will appear to begin with  Microsoft’s Standard URL format prefix: https://nam01.safelinks.protection.outlook.com. An example is shown below.

Original URL: https://www.ed.ac.uk/

Wrapped or rewritten URLhttps://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ed.ac.uk% 2F&data=05%7C02%7C%40ed.ac.uk%7C0fbe5e98c2ac40e227b708dc10880558% 7C2e9f06b016694589878910a06934dc61% 7C1%7C0%7C638403423578665559% 7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0% 3D%7C3000%7C%7C%7C&sdata=bMPrbif%2B96QoKY5WarbxCTonEn6AGkwj%2FdpB0YEN4go%3D&reserved=0

 

Want to view Original the URL before Clicking?

You may want to view the original URL before clicking on the Safe Links URL. If you use Microsoft Outlook Desktop Client, simply hover your mouse on the wrapped URL and the original link will be displayed.  Using other mail clients? There are a number of decoders that can be used to reveal the original URL, one of which is: https://www.o365atp.com/ Simply open the decoder and paste wrapped Safe Link. the original URL will be revealed.

You are advised however, not to use decoders to bypass Safe Links. Always visit URLs via Safe Links as this will help reduce the risk of falling victim of malicious attacks.

Final Notes

If you cannot undertake a business critical function, process or work due to way Safe Links is implemented or functions, please provide details and the support and security teams will work with you to find a workaround or a technical resolution. Also, some ed.ac.uk URLs will be exempted from Safe Links and exemptions may be provided for specific work-related URLs that are impacted by Safe Links. Please submit such requests via: https://edin.ac/48TMFQP

You are encouraged to report all malicious URLs to IS Helpline. This will help us take further actions in preventing the rest of the University from the possibility of falling victim to cyber attacks. You can also pro-actively report URLs that should not be blocked to IS Helpline via https://edin.ac/safelinks-impact-review

If you believe Safe Links has blocked a URL unnecessarily or did not block a fraudulent site, please report this to IS Helpline using https://edin.ac/safelinks-impact-review

This article was published on