Phish action set to Quarantine message.

Why This Matters

When a phishing email is detected, the recommended action is to quarantine the message to prevent users from accessing potentially harmful content. If the phish action is not set to quarantine, malicious emails may be delivered to inboxes, increasing the risk of credential theft or malware infection. IT administrators should ensure this setting is properly configured to maintain a secure email environment.

What Aether365 Checks

Aether365 verifies that the anti-phish policy's phish action is configured to quarantine messages. This check appears in the Aether365 dashboard under microsoft-365 checks.