High Confidence Phish action set to Quarantine message.

Why This Matters

When high confidence phish messages are incorrectly handled, malicious emails can bypass your security defenses and reach end user inboxes. This increases the risk of successful phishing attacks that can lead to credential theft, data breaches, or malware infections. Administering the correct quarantine action ensures these dangerous messages are isolated before users can interact with them.

What Aether365 Checks

Aether365 verifies that your Microsoft 365 anti-phishing policy has the high confidence phish action set to "Quarantine message" rather than allowing delivery or other actions. This check appears in your Aether365 dashboard under the microsoft-365 security category.