- Microsoft account admins will get a Microsoft Forms phishing alert as soon as this is detected.
- This way, when Microsoft Forms detects a phishing attempt, it will not just block the user, but also alert the IT admin.
- Admins will see the alerts in Microsoft's SCC Alert center, where further action is possible.
- Admins will have the same options as until now, to review, edit or delete a blocked form.
In the context of increased and more sophisticated cybercrime targeting Microsoft accounts, the Redmond giant is about to roll out a new security feature for their Microsoft Forms app.
Namely, Office 365 account administrators will receive alerts about phishing attempts targeting certain forms.
The alerting system will be added as a default alert policy in Microsoft’s Security and Compliance Center (SCC), Microsoft announces on the official product roadmap.
This is another proactive anti-phishing action and will allow admins to react and make the necessary changes faster.
Increased anti-phishing measures for Microsoft Forms users
The automatic phishing detection technique in Microsoft Forms has been actually in place for quite some time.
Until now, it only blocked forms and users due to confirmed and suspicious phishing attempts. With the upcoming change, admins will also get a prompt alert.
If there is any user restricted from sharing forms and collecting responses from Microsoft Forms because of confirmed phishing activities, or any form identified/detected as phishing form, IT admins will receive an alert in the SCC Alert center.
Last November, Microsoft account admins received the possibility of reviewing forms that were tagged as suspicious due to phishing attempts. The option also allowed for editing or deleting a certain form.
The change is now under development and is expected to become generally available at the end of February 2021.
Microsoft Forms is a convenient, easy-to-use app for creating polls, quizzes, and surveys to collect feedback and data online. The service is available for all Office 365 subscribers.