Anti-phishing policy exists and EnableFirstContactSafetyTips is true.

Why This Matters

First contact safety tips help users identify messages from new or unfamiliar senders, reducing the risk of phishing attacks that rely on impersonation. Without this setting enabled in your anti-phishing policy, users may unknowingly engage with malicious emails from unknown sources. Enabling these tips strengthens your organization’s security posture by giving users a critical visual cue to exercise caution.

What Aether365 Checks

This check verifies that at least one anti-phishing policy exists in your Microsoft 365 tenant and that the EnableFirstContactSafetyTips parameter is set to True. In the Aether365 dashboard, this appears under the Microsoft 365 checks category.

How to Fix

To enable first contact safety tips for an existing anti-phishing policy, follow these steps: