Set up Office 365 ATP anti-phishing policies

We all know that phishing is going on all the time. But how to defend your organization against these criminals that want to get your login information! The answer is simple, Office 365 Advanced Threat Protection, or short: ATP.

Image result for office 365 atp

So lets get started and start implementing anti-phishing policies. First go to and create a new policy.

Now Add a condition, you can choose who to apply this policy to. The easiest way is to add the recipient domains.

The next step is to create the policy:

The last setting is to edit the action of your just freshly created policy. So Edit the Spoof settings

Select what action to take, and save the setting, and your good to go!


ATP anti-phishing is only available in Advanced Threat Protection (ATP). ATP is included in subscriptions, such as Microsoft 365 EnterpriseMicrosoft 365 Business, Office 365 Enterprise E3, Office 365 Enterprise E5, Office 365 Education A5, etc. If your organization has an Office 365 subscription that does not include Office 365 ATP, you can potentially purchase ATP as an add-on. For more information, see Office 365 Advanced Threat Protection plans and pricing and the Office 365 Advanced Threat Protection Service Description. Make sure your organization is using the latest version of Office 365 ProPlus on Windows to take full advantage of ATP anti-phishing protection.

Add a Comment

Your email address will not be published. Required fields are marked *