In Outlook there is a junk email filter. We can also block or whitelist email addresses for the whole organisation.
We all receive spam / junk emails. In fact you get a lot more than you see because Microsoft 365 does a very good job of blocking emails before they even arrive in your mailbox.
However no spam filter will ever be perfect which means some will get through and some genuine emails will be blocked.
The best way to view the emails you receive is with a zero-trust approach. Instead of assuming they are all genuine emails, assuming the opposite until it's proven to you that they are not. Ones with malicious attachments and links in most cases should be blocked but you should still be vigilant for all emails you receive.
Outlook provides a junk email filter which you can learn about here:
Reporting phishing and malicious emails
What is Phishing?
Phishing is when attackers attempt to trick users into doing 'the wrong thing', such as clicking a bad link that will download malware, or direct them to a dodgy website with a form to enter your details.
Diocesan, Bishop and Archdeacon staff are signed up to phishing simulation training which means you will see a phishing emails in your mailbox twice or three times a month which simulate what phishing emails look like. Your job is to spot these and report them by using the inbuilt 'Mark as Phishing' button in Outlook desktop (this is not available in webmail, outlook.office.com, or Outlook Mobile).
Select or open the email and press this button in the top ribbon.
If you don't realise it's a phishing email and engage with the email such as clicking on a link then, if it's a phishing simulated email, you will receive a message that tells you it was a training email to help you learn how to spot them.
You can of course receive 'genuine' phishing emails, ie. not from the simulation, which again can be reported using the same button in Outlook Desktop.
If you're unsure whether an email is genuine or not, contact the sender to ask or go through known official channels instead of using links in the emails.
Please do not forward any emails to the IT Team. Only raise a support ticket in the following circumstances:
- You have engaged with the email by clicking a link and it's not a training one. Particularly if you have entered personal details and/or passwords in websites or forms that a link has taken to you. Your account can be compromised therefore quick action will be required to block any malicious activity on your account.
- While you wait for our reply, we highly recommend you change any passwords you suspect of being compromised immediately.
- For Microsoft 365, see the knowledge base article:
How do I reset my 365 password?
- For Microsoft 365, see the knowledge base article:
- Note our email / Microsoft 365 accounts are protected by a second layer called multi-factor authentication. If you believe the password has been compromised watch out for multi-factor authentication requests on the Microsoft authenticator app or phone calls requesting approval. Do not engage with these and raise a support ticket immediately.
- While you wait for our reply, we highly recommend you change any passwords you suspect of being compromised immediately.
- Also raise a support ticket if an email you're waiting for has not arrived and you believe it is being blocked.
- Please check your own Outlook junk email filter first under:
Outlook Desktop: Home > Junk > Junk E-mail Options > Safe Senders
Outlook on the Web: Settings cog > View all Outlook settings > Junk email - The IT Team can also see email traffic and add email addresses onto whitelists. Please raise a support ticket and provide the email address, date, time and subject line that you would like the IT Team to look into.
- Please check your own Outlook junk email filter first under: