Automatic Phishing Detection in Microsoft Forms

New Feature: Automatic Phishing Detection in Microsoft Forms

Microsoft Forms is a simple, lightweight app that lets you easily create surveys, quizzes, and polls. In order to make Forms a more secure service, Microsoft is going to enable automatic phishing detection to help prevent customers from losing sensitive data via phishing forms.

How does this affect me?

Microsoft will begin rolling out this new feature in Microsoft Forms starting in mid-July starting with smaller tenants.

This new feature will be applied to all public forms (when forms setting is “Anyone with the link can respond”) created within your tenant. The automatic phishing detection will be running at Forms design time and if any suspicious phishing contents (i.e. what’s your password?) are detected, the form will be automatically blocked for sharing and response collection. This would not be a permanent block as the form can be unblocked if the form designer removes the suspicious phishing question.

Office 365 administrators will be informed via daily Message Center notifications on these potential phishing detection results. As a global admin you have access to these forms as well as the response data. You can unblock the form if you believe the detection result was incorrect. Please note that you must be a global administrator to perform these actions.

For users who show up repeatedly on the potential phishing report, Microsoft will block their Forms sharing functionality and admins will be informed of such actions. Similar to individual Forms, a global administrator will be able to unblock a user.

What do I need to do to prepare for this change?

There is NO action needed to prepare for this change. By default, this feature is available to everyone in your organization. You may want to update your documentation and training as appropriate. Thank you.