Microsoft is working to add a new phishing attempt control feature to Microsoft Forms that will allow Office 365 admins to block forms that attempt to collect sensitive user data.
Microsoft Forms is a web and mobile app that allows users to create surveys, quizzes, and polls designed to collect feedback and data online.
Blocking possible phishing attempts
"When managing Microsoft Forms, IT admins have two options in response to possible phishing: you can either click 'unblock' or 'confirm phishing', a new choice which is now available," Redmond explains in a new Microsoft 365 Roadmap listing.
Phishing attempts are detected by Microsoft Forms with the help of proactive phishing detection, a protection feature that detects and prevents malicious data collection in forms and surveys.
Such forms will be automatically blocked and will not be able to continue collecting responses. This is done proactively to prevent phishing operators from abusing the forms as "phishing landing pages".
Admins will receive notifications of all forms detected and blocked for possible phishing.
Control of potentially malicious forms
Once the feature rolls out to all standard multi-tenants during November 2020, IT admins will be able to review all forms that have been automatically flagged as phishing attempts trying to collect sensitive user data for use in future malware campaigns.
To review and unblock forms flagged as phishing, administrators should follow these steps:
- Log in to the Microsoft 365 admin center at admin.microsoft.com.
- Go to the Message center and look for the notification "Prevent / Fix: Microsoft Forms Detected Potential Phishing" (this notice contains a daily summary of all blocked forms).
- Click the Forms admin review URL link in the notification to review the blocked forms.
- For each form you review, go to the top right of the page and choose whether to unblock the form or confirm the phishing attempt (unblock the ones that have been flagged incorrectly and confirm the ones that you want to keep blocked due to malicious intent).
"If you think a form has malicious intent, no further action is required from you. The form will remain blocked until its owner removes the content that has been identified for malicious collection of sensitive data," explains Microsoft.