Safe Links
Safe Links scans incoming emails for known malicious hyperlinks and rewrites the URLs to Microsoft’s standard URL format prefix: https://nam01.safelinks.protection.outlook.com. Safe Links works behind the scenes; you do not need to do anything to activate or use this feature. Safe Links scans emails from both external and internal sources.
Once rewritten, a link is analyzed for any potentially malicious content. If the URL is determined to be safe, the website will automatically open. If the URL is determined to be suspicious or malicious, you will be redirected to a block page upon accessing the link in your browser, alerting you to the potential threat.
Plain-Text Emails
When Safe Links detects a hyperlink in a plain-text email (non-HTML), it will rewrite the URL in plain text. In this case, you will see the rewritten URL directly in the body of the email.
Hover over the safe link URL to see the original URL. Pay attention to the URL listed when hovering; this is the actual URL you will be visiting.
If you forward an email with a rewritten link
Once Safe Links has rewritten a URL, the URL will remain rewritten if the message is replied to or forwarded. Additional links added to the message being replied to or forwarded will not be rewritten.
If you believe Safe Link blocked a URL unnecessarily or did not block a fraudulent site, please submit an Allowlist Request (You must be Faculty/Staff to submit).
Safe Attachments
Safe Attachments scans attachments for malicious software. If detected as unsafe, the attachment will be removed from the email and replaced by a short text file named “Malware Alert Text.txt” to indicate to the recipient the malicious attachment file name and action taken.
Note: This feature may cause a minor delay in email delivery, depending on the size of the attachments, to allow the scanning to occur.
Remember, even with protection, always be cautious of suspicious links and attachments.
If you believe an attachment was removed by error, please contact ITS Support to assist with recovering it.
Frequently Asked Questions
Q: What does Safe Links look like?
A: The hyperlink in the email you receive may be rewritten and appear different. You may notice links have a prefix such as https://nam11.safelinks.protection.outlook.com.
Q: What if I am blocked from accessing a legitimate website?
A: Please contact ITS Support to report false positives. An allow list is available to help manage URLs that should not be scanned.
Q: How do Safe Links and Safe Attachments impact my email?
A: Safe Links and Safe Attachments look for and protect you from email phishing links/websites that are known to contain malicious software, email attachments, and links.
Q: Does that mean Microsoft is reading my email?
A: No, Microsoft is not reading your email. URLs are rewritten in incoming and outgoing emails within Office 365. Those URLs are scanned to see if they are malicious when a user clicks the rewritten URL to access them.
Q: What should I do when I encounter the Safe Links protection page?
A: First, you should verify that the site you were trying to access is correct by looking closely at the site name in the browser bar. Sometimes a misspelled word or string of characters in the site name takes you to a website you may not have intended to visit. If you think this was blocked in error and there is a business or academic reason to get to the site, contact ITS Support.
Q: Do Safe Links and Safe Attachments work when I use SharePoint, OneDrive, Teams or other Office 365 applications?
A: Safe Links and Safe Attachments search SharePoint, OneDrive, and Microsoft Teams to identify if any documents contain phishing links or malicious software. If a malicious file is detected, it will be blocked from interaction. A blocked file will appear as in the screenshot below.
Blocked file in Office 365.
Once a file is blocked, you can't interact with it in any way other than delete it. Please see Microsoft's website for more information.
Q: Is there a delay in the time it takes for my email to be received if I attach a file?
A: The recipient of an email may experience a small delay if the email contains a large attachment.
Q: What should I do if I think a link or attachment was blocked in error?
A: If you believe a site was blocked by mistake or you have a business or academic need to access a site that has been blocked, please report it to ITS Support by forwarding the message as an attachment to [email protected]. If you believe an attachment was removed by error, please contact ITS Support, who can assist with recovering it.
Q: If I get the Safe Links protection page, does that mean I was infected with malware?
A: No, just the opposite. You were prevented from accessing the malware site before you could be infected.
Q: Does Safe Links protect me from malicious sites when I'm browsing the web?
A: No. Safe Links only scans your Mason Office 365 email to identify phishing links and links to malicious websites.
Q: What happens if a user or a group of users needs to access a blocked site?
A: The user or group of users with a legitimate academic or business need can request access to a blocked site by contacting ITS Support. The IT Security Office will evaluate each request.