We all know that phishing is going on all the time. But how to defend your organization against these criminals that want to get your login information! The answer is simple, Office 365 Advanced Threat Protection, or short: ATP.
So lets get started and start implementing anti-phishing policies. First go to https://protection.office.com/antiphishing and create a new policy.
Now Add a condition, you can choose who to apply this policy to. The easiest way is to add the recipient domains.
The next step is to create the policy:
The last setting is to edit the action of your just freshly created policy. So Edit the Spoof settings
Select what action to take, and save the setting, and your good to go!
ATP anti-phishing is only available in Advanced Threat Protection (ATP). ATP is included in subscriptions, such as Microsoft 365 Enterprise, Microsoft 365 Business, Office 365 Enterprise E3, Office 365 Enterprise E5, Office 365 Education A5, etc. If your organization has an Office 365 subscription that does not include Office 365 ATP, you can potentially purchase ATP as an add-on. For more information, see Office 365 Advanced Threat Protection plans and pricing and the Office 365 Advanced Threat Protection Service Description. Make sure your organization is using the latest version of Office 365 ProPlus on Windows to take full advantage of ATP anti-phishing protection.