Quarantined Messages and Email Security

You may be getting emails from Microsoft about quarantined messages and wondering what’s going on. The short explanation is that Microsoft’s email filters are getting better and that the company is trying to protect you from harmful attachments and links that can compromise your tech system’s integrity.

We typically don’t know about a message we haven’t seen until the sender contacts us because we haven’t responded to them. In today’s age of more sophisticated phishing campaigns, deepfakes, and more malicious code, we rely on our email systems, such as Outlook and Gmail, to protect us from ourselves with stronger filters. Too many people are careless about opening attachments or clicking links that lead to scams. Even the most careful person can fall victim to clicking on something they shouldn’t. So, Microsoft makes you take an extra step or two in hopes you will slow down and give more thought to the action the sender wants you to take.

It used to be enough to check your spam or junk mail folder in Outlook, and it’s still important with the New Outlook. As filters get more robust, more messages get diverted there, but, as the commercials say, wait, there’s more. You are likely getting messages from Microsoft saying that it has quarantined messages based on its parameters for determining whether a message may be part of a phishing campaign or contains a malicious link or attachment.

If you have Office 365, you won’t be able to access the quarantined message in your inbox. Instead, you’ll get a message with the following information for each quarantined message:

  • Sender: The email address of the sender of the quarantined message.
  • Subject: The Subject line of the quarantined message.
  • Date: The date/time that the message was quarantined in UTC.

You’ll also get a link. If you don’t understand what’s going on, you probably feel safer just deleting the message with the link. However, because the filters are more robust – based on an array of factors – you could miss a useful or important message.

Individuals and office administrators who use Office 365 as a web app can find their quarantined messages by clicking on this link: https://security.microsoft.com/quarantine?viewid=Email. It takes you to a Microsoft Defender page where you will see who each message was from and why it was quarantined. Messages are held there for 30 days. During that time, you can release a message, which will send it to your inbox, where you can open it and decide what you want to do. You can also delete a message directly from the quarantine page. We recommend you bookmark this link.

Of course, these security measures put an onus on senders, especially those who legitimately send bulk email, to ensure their DNS records are up to date and follow accepted anti-spam policies for outgoing mail.

We can help you by reviewing your incoming and outgoing email settings to maximize your security and email handling efficiency. Call us – 973-433-6676 – or email us to talk about it.

Manage Your Email to Avoid a Scam

As more businesses are bought and merged, it’s more important than ever to pay attention to email accounts for all the entities involved. We’re finding “sleeper agents” hiding in neglected accounts, and they’re waking up to bite hard.

In a recent case, a client bought a business a few years ago and set up a number of special email accounts to help manage the transition and keep tabs on things going forward. The only problem is that going forward, they did not monitor those emails – and the account – so they didn’t realize their system was compromised.

They did notice irregular financial dealings in a bank account, and they went to the bank to change the account and the associated online password. But the person who had infiltrated their system still had access to all the email notifications, rendering each system fix ineffective. It took some heart-to-heart conversations with our client to get to the root of the problem and then fix it.

We needed strong passwords on every online and email account they had, but with a mole inside the system, that wasn’t enough. There are two more steps you need to take to tighten your system.

The first step is to set up two-factor authentication (2FA) for every account. Yes, it is a pain to wait to complete a secondary step, but it works. We find a text connected to a cell phone is effective because whoever is accessing the account has the cell phone nearby, and you know the verification code is going to the right person. The chances of the text message being intercepted are extremely remote.

The second step is to manage your email more effectively – and that calls for more than just checking it frequently. Whether it’s at the office or home, many email accounts have – or can have – a secondary email associated with each account. Please don’t leave it blank. That’s the door a hacker uses to get in. When you change the password, go into the profile for the user and reset or start using the secondary email account. At the same time, reset the rules for managing each account. The hackers had email forwarded to an account they could monitor, which let them stay up to date on all the changes our client made.
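
A check for the forwarding described above, as an added example rather than anything from the original article. It assumes the mailboxes are hosted in Exchange Online (Office 365), that the ExchangeOnlineManagement PowerShell module is installed, and that example.com is a placeholder for the domains you own.

```powershell
# Added example: list mailbox forwarding and inbox rules that send mail
# outside the organization. Run by an administrator who can read all mailboxes.
Connect-ExchangeOnline

# Placeholder value (assumption): replace with the domains your business owns.
$internalDomains = @('example.com')

function Test-ExternalAddress {
    param([string]$Address)
    # Targets look like 'smtp:user@domain' or '"Name" [SMTP:user@domain]'.
    # Entries with no SMTP domain (internal directory objects) count as internal.
    if ($Address -match '@([A-Za-z0-9.-]+)') {
        return $internalDomains -notcontains $Matches[1]
    }
    return $false
}

$findings = foreach ($mbx in Get-Mailbox -ResultSize Unlimited) {
    # Forwarding configured on the mailbox itself.
    if ($mbx.ForwardingSmtpAddress -and (Test-ExternalAddress $mbx.ForwardingSmtpAddress)) {
        [pscustomobject]@{
            Mailbox = $mbx.PrimarySmtpAddress
            Source  = 'Mailbox forwarding'
            Rule    = ''
            Target  = $mbx.ForwardingSmtpAddress
        }
    }
    # Inbox rules that forward or redirect messages.
    foreach ($rule in Get-InboxRule -Mailbox $mbx.PrimarySmtpAddress) {
        $targets = @($rule.ForwardTo) + @($rule.ForwardAsAttachmentTo) +
                   @($rule.RedirectTo) | Where-Object { $_ }
        foreach ($target in $targets) {
            if (Test-ExternalAddress $target) {
                [pscustomobject]@{
                    Mailbox = $mbx.PrimarySmtpAddress
                    Source  = 'Inbox rule'
                    Rule    = $rule.Name
                    Target  = $target
                }
            }
        }
    }
}

$findings | Sort-Object Mailbox | Format-Table -AutoSize
```

Each row it prints is a mailbox setting or rule that sends mail outside the organization; confirm it with the mailbox owner or remove it. Neglected accounts, like the transition mailboxes in the case above, are included because the script walks every mailbox.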

For both online and email accounts, you need to check each user’s profile information regularly. That’s where we can help. We can check or tell you where to look to see if anyone has electronically “jimmied” open a window to your system and help you take more protective measures. As businesses and consumers, we depend more and more on electronic payment systems to pay our bills and have our invoices paid accurately and on a timely basis.

Call us – 973-433-6676 – or email us to talk about your concerns and to schedule an assessment and a remediation plan – if needed. It’s your money, and if a scammer gets it, you likely will never get it back.