Registered: 1454887308 Posts: 582
Reply with quote #1
In another forum, someone posted a link but it was preceded by that safelinks thing. A google search showed that it was part of Microsoft Advanced Threat Protection feature/bug. Search results showed that everyone wants it to go away. Does it help & do we really need it?
Associate Troublemaker Apprentice
Registered: 1451575798 Posts: 871
Reply with quote #2
Its a feature of O365 Exchange Online Protection Advanced Threat Protection.
The link is re-written by Exchange to go through the link checker to make sure that its not malware/ bad link etc. The technology behind it is kinda cool and the check occurs when you make the click, not when the mail was sent. Other security services offer different re-writes, Trustwave is another. It stops most malware/ pawned sites. Yes something that helps and unfortunately something we need. __________________ Have you tried turning it off and walking away? The next person can fix it!
New to the forum? Read this
New Friend (or an Old Friend who Built a New Account)
Registered: 1452022221 Posts: 20
Reply with quote #3
Ever go to an arcade and play a game called, Whack-A-Mole? Now imaging you are in the same arcade and every time you go into the arcade, you know you will be playing the game Whack-A-Mole all day long and it is all you get to do. I know, a rather long post, but keep reading and I promise living the never ending game of Whack-A-Mole or safelinks will be a welcomed product.
I write this from the standpoint of the IT person that fights the battles when the network is being hit or attacked. I am a little opinionated on what and how attacks are working today and how moving to the cloud just opened the flood gates. The cloud and moving to it, read all of them contacts and you will find that the company you shifted all your trust to, they put it in writing that you have little to no recourse if something goes bad. Donoli, ignore the messages you are reading that lead you to post about safelinks and said, "Search results showed that everyone wants it to go away?" Having this in place today has made the IT battle better and not a losing battle when you domain is being hit with a targeted phishing attack. But on the part of and downsides of all the moving to the cloud across all platforms, IT has moved many things that an internal server used to do for storage and or an application server and put those things into the cloud with 3rd party vendors or host applications. We have now placed all trust to a 3rd party, of which how many times in a month do you hear about "breaches" or "leaks" happening? Or better yet, in our case we moved to these 3rd party trusted the cloud products and our users wanted all of this to be a single sign-on technology. So far all is okay, when we could control network routes by point-to-point connections. But it all went one step to far, our users wanted to be able to do all things from a web browser and from any device they can use. This opened up a craptastic can to damn stupid and pain for IT. Made everything into a game of "Whack-A-Mole", cleanup one dumb user and another is hit with an email that came from the first user whom shared their account details. Yep, the first users account was opened up and the attackers created email rules to start blasting out emails to all the users in the email directory. No amount of telling users not to click on email links stopped a new person to becoming a new "Whack-A-Mole" game of fun. I could go on and get into all sorts of how this is such a pain, but am very thankful that one of the phishing emails used against us, it used our top dog in leadership as the sender of one of the phishing attacks. When his picture and name was the sender of emails, that triggered the purchase of Microsoft Advanced Threat Protection. Personally, I am extremely happy to have the safelinks system in place. __________________ Deep Thoughts by Jack Handey - "It takes a big man to cry, but it takes a bigger man to laugh at that man."
Registered: 1454887308 Posts: 582
Reply with quote #4
I couldn't relate to Whack-A_Mole analogy but the rest of the explanation was well put. You're right about no matter how much you tell a user not to do something, it won't help & you're right about everyone wants safelinks, to go away. I didn't trust the link that had safelinks.outlook.com in it which is why I posted.
Here's another ANALogy. How do you keep a rabbit out of a cabbage patch? Get rid of the cabbage. If safelinks is need to protect us from the vulnerabilities of the cloud, get rid of the cloud.