DoTS has enabled Microsoft Advanced Threat Protection’s Safe Attachments feature. This is one component of Microsoft’s strategy for protecting people from malware such as viruses and ransomware. Safe Attachments opens common email attachments in a protected "sandbox" and tests them for malicious interactions prior to delivering them to the mailbox.
Safe Attachments is enabled for all email, whether it comes from an internal or external source. However, it cannot scan encrypted files and there is always the potential for new, unique malware to sneak through the system. In other words, while it is a great tool that improves security posture, it is not 100% effective. Even with Safe Attachments in place, you should never open an attachment you were not expecting and never enable editing if you happen to open a suspicious attachment. Your vigilance is still our best protection from malware and other information security threats.
What happens when I receive an unsafe attachment?
If a malicious attachment is found, the file is removed, quarantined, and replaced with a text file named "Malware Alert Text.txt". This text file contains this statement: "Malware was detected by Safe Attachments in one or more attachments included with this email message. Action: All attachments have been removed."
What if I think the attachment was legit?
If you have a concern regarding a Malware Alert Text attachment, please contact DoTS. DoTS staff will create a ticket and escalate the issue for review. If the attachment is found to be a false positive, it will be recovered and delivered.