Level Up

Challenge #6

Implement Malware Alerting System

Strengthen your internal security with a malware alerting system in Microsoft 365. Be instantly informed when internal users send malware-infected files.

malware hidden within code


Cybersecurity isn’t just about warding off external threats; it’s equally crucial to keep an eye on what happens inside your digital domain. Despite having a robust external defense with Exchange Online Protection (EOP), internal threats, often accidental, can pose a significant risk. Imagine a situation where an employee unknowingly sends a malware-infected file. Without immediate detection, this can escalate into a substantial security breach.

This is where an internal malware alerting system becomes invaluable. It acts like a vigilant sentinel, immediately informing your IT security team if such an incident occurs. This rapid response system isn’t just about reacting to threats; it’s a proactive tool for swift action and thorough investigation. It ensures that a minor incident doesn’t snowball into a major crisis. By implementing this, you involve everyone in your organization in the collective effort of maintaining cybersecurity, reinforcing the idea that security is a shared responsibility.


Activating a malware alerting system in Microsoft 365 is a straightforward process. Here’s how you can set it up to keep your internal communications secure:

    Step 1: Go to the Microsoft 365 Defender Portal

    On your computer, launch a new browser window (Edge, Chrome), and type in https://security.microsoft.com/ and press enter.

    Note: You will require Microsoft 365 administrative credentials – be sure to have the username and password ready.

    Step 2: Adjust Email & Collaboration Policies

    Within the Microsoft Defender Center:

    • Look for and select Email & Collaboration along the left-hand side menu
    • Under Email & Collaboration, look for and select Policies & rules
    • In the Policies & rules window, select Threat policies
    Step 3: Edit Anti-malware Settings
    • Within the Threat policies window, under Policies, find and select Anti-malware
    • Within the Anti-malware window, select the Default (Default) policy
    Step 4: Configure Notifications
    • Now with the Default policy open, scroll down and select Edit protection settings
    • Under Notifications and Admin notifications, check the box to Notify an admin about undelivered messages from internal senders
    • Now specific an admin email address to receive the notifications and alerts
    • If you’d like, you could also enable customized notification text but, for now, you’ll be fine with just the default notifications
    Step 5: Save Your Settings
    • Once you are satisfied, click Save.

    While you’re here…

      Navigating Technology Investments for SMBs

      Navigating Technology Investments for SMBs

      SMBs often find themselves caught between having too little technology, leading to reliance on manual processes, or too much, resulting in costly overlaps and inefficiencies. Navigating this complex environment requires a strategic approach to technology investments. Whether looking to optimize your current technology or plan for future investments, this guide offers practical insights and strategies for SMBs.

      read more
      Why Switch Your Managed Services Provider?

      Why Switch Your Managed Services Provider?

      Are you confident your current MSP is equipped to handle tomorrow’s challenges? Many businesses hesitate to switch MSPs due to fears of disruption and data security risks. At Third Octet, we ensure a smooth transition that enhances your operational success. Our proactive approach can transform your IT infrastructure, making your business more secure and efficient. Discover how partnering with Third Octet can drive your business forward.

      read more
      Enhancing Cybersecurity Effectiveness through Employee Education: Introducing Our New Training Platform

      Enhancing Cybersecurity Effectiveness through Employee Education: Introducing Our New Training Platform

      Threats loom larger with each passing day. Securing your organization’s assets has never been more critical. Our cybersecurity training platform stands ready to arm your workforce with the necessary knowledge and tactics—not just to respond to threats but to anticipate and neutralize them. Delivered through our comprehensive Workplace Suite, this platform offers an engaging, multifaceted educational experience that’s more than a set of tools; it’s a transformative process designed to strengthen the most crucial element of your security infrastructure: your people.

      read more