Protecting You from Malicious Links & Attachments with Microsoft Advanced Threat Protection (ATP)

Aug 3, 2018

Home » Security » Protecting You from Malicious Links & Attachments with Microsoft Advanced Threat Protection (ATP)
Malicious phishing and malware emails continue to target members of the university community. All of these various attacks induce readers to click on a link to a malicious website—often a very convincing rendition of the Northeastern login page. As part of the ongoing effort to combat these attacks, ITS will roll out Microsoft’s Advanced Threat Protection (ATP) in Office 365 to all Northeastern faculty and staff on Monday, July 23. ATP will scan URL links and attachments in emails, as well as files in SharePoint and OneDrive, and block access to them if they are deemed malicious.

ATP Safe Links

ATP Safe Links rewrites the URL links in emails so that when you click on it, Microsoft’s servers direct you to a holding page where the URL is checked against a reputation database. This can be seen in Figure 1 below where the URL has been rewritten to start with “”. Figure 1

Native Link Rendering

Microsoft is also rolling out native link rendering, which will show the original URL preceded by “Protected by Safe Links:” (Figure 2). Figure 2

Warning Page Protection

If the URL is in the database you will see a warning page similar to the one in figure 3 and you will be blocked from accessing the site. If the URL is not in the database you will be redirected to the actual URL. Figure 3

ATP Safe Attachments and Files

ATP safe attachments and files scans attachments and files in emails, SharePoint, and OneDrive for malware, viruses, and zero day exploits. If a file is found to be malicious the email is delivered without the attachment and a message noting that the attachment has been removed is appended to the email. If an attachment is taking longer than normal to scan ATP will deliver the email without the attachment and the following message will be appended next to the attachment icon “ATP Scan In Progress” (see Figure 4). Once the attachment is deemed safe it will then show as a normal attachment on the email. Figure 4 It’s important to note that while ATP is another layer of protection it is not perfect, and users should still exercise caution when clicking on links and opening files in emails, SharePoint, and One Drive.


If you have any questions or require assistance, please contact the ITS Service Desk at 617.373.4357 (xHELP), email or chat with one of our service desk analysts.

Read More Articles

Tech Updates

Student Tech Update 4/6/21: 5-day loans of laptops and other equipment, and student experience focus groups next week

In this edition, based on students' feedback IT Services has expanded its services in Snell Library to support laptop loans for up to five days. Find more information about that and other resources in this update.

Tech Updates

Faculty and Staff Tech Update 4/6/21: Accessing Zoom recordings in Panopto and how to use Adobe Sign

In this edition, you’ll find resources for signing staff performance evaluations, grading exams, managing your video recordings and information on Back to the Classroom workshops in Boston

Digital Workplace

Background Basics for Virtual Meetings

In a world full of virtual meetings, backgrounds help us add a little fun, camouflage our clutter, and express our hopes and wishes for someday being able to be somewhere other than our home office.