Defender for Office 365 Email Anti-Phishing Policy Creation

This guide will provide background information on creating an anti-phishing threat policy that will monitor phishing detection for inbound and outbound mail flow.

Anti-Phishing Threat Policy

An anti-phishing threat policy specifies the phishing protections that are applied to your organizational mail flow, and how the messages that fail to meet compliance are handled. It also includes information about the priority and recipient filters for the policy.

Role Requirements

Procedure Scope: Administrators

Required Group Membership: Admin.Security

Handbook Reference

Package: TBD

Domain: TBD

Modifies: TBD

Creating an Anti-Phishing Threat Policy

1. Navigate to the Anti-Phishing – Microsoft Defender portal, locate and select Create.
   
2. Provide the basic information to the policy such as name and description, should explain the policies’ purpose and scope of effect. Select Next to continue.
   
3. Next you will be able to supply assignments or exclusions to internal users, groups, and domains. Select Next to proceed.
   
4. A list of all the possible configuration settings will be listed, make sure to apply the necessary settings to fit the needs of your organization. Select Next to continue.
   
5. You can specify the actions that will be taken on the messages that are flagged for phishing, these can be adjusted to take no action, redirect the message, direct the message to junk folder, quarantine, etc. Select Next to proceed to revisions.
   
6. The review page will allow you to see all configured settings for the device control creation process, if you detect a discrepancy at this stage make note of the section and select Back to make alterations before finalization. If everything checks out, select Submit to publish the policy.
   
7. A prompt will be displayed detailing that the policy has been created and has been put into immediate effect. Select Done to finalize the creation process.
   

Need Assistance?