Ensure notifications for internal users sending malware is Enabled
Why This Matters
When an internal user sends malware, it often indicates a compromised account or infected machine that requires immediate investigation. Without notifications enabled for these blocked messages, administrators may remain unaware of potentially serious security incidents until it is too late. Enabling this alert ensures your team can respond quickly to threats originating from within your own organization.
What Aether365 Checks
This verification ensures that Exchange Online Protection is configured to send notifications to administrators when internal senders are blocked for transmitting malware. In your Aether365 dashboard under Microsoft 365 checks, this finding will appear as M365.2132.
How to Fix
Using the Microsoft 365 Defender Portal: