Right-Hand Cybersecurity

Note: The display of the ‘Unverified sender’ banner is governed by Microsoft’s policies, and Right-Hand has only limited influence over this process. To bypass this banner during a phishing simulation exercise, we recommend following the steps outlined in this article. If the banner persists, we suggest adding the sender’s email domain to Email and Collaboration &gt; Policies and Rules &gt; Threat Policies &gt; Tenant Allow/Block List as a potential solution.

To find your sender email domain, please go to the Right-Hand portal and then go to Phishing Readiness &gt; Sender profiles &gt; Edit the chosen sender profile and find the domain after the @ symbol.

<a href="#h_8a60212f2a">Potential Cause</a>

<a href="#h_6f4917f04d">Step-by-Step Solution</a>

a) <a href="#h_bb7ca18963">Create New Anti-Phishing Policy</a>

1. <a href="#h_8a60212f2a">Potential Cause</a>
2. <a href="#h_6f4917f04d">Step-by-Step Solution</a>
 a) <a href="#h_bb7ca18963">Create New Anti-Phishing Policy</a>

Image of the error on Outlook Web Version

Image of the error on Outlook Desktop Version

Microsoft is currently <a href="https://insider.microsoft365.com/en-us/blog/improvements-to-tackle-spam-in-outlook" rel="nofollow noopener noreferrer" target="_blank">rolling out a new Office 365 feature </a>dubbed 'Unverified Sender'. This feature is designed to help users identify potential spam or phishing emails that reach their Outlook client's inbox.

Create New Anti-Phishing Policy (Recommended)

Sign in to <a href="https://security.microsoft.com" rel="nofollow noopener noreferrer" target="_blank">MS Defender</a>.

Select Policies and rules under Email and Collaboration.

Choose Threat Policies and go to the Anti-phishing section.

Add the name “Right-hand Anti-Phish Policy” and a description. Click Next.

In the Domains section, add your company domain list. Then go to the Next section.

Add the <a href="https://help.right-hand.ai/en/articles/8450649-whitelisting-guide-for-microsoft-exchange-and-microsoft-defender#h_6c6bd28547">RH domain list</a> to “Add trusted senders and domains.”

Please uncheck the "Show First contact safety tip" box from the Actions settings.

1. Sign in to <a href="https://security.microsoft.com" rel="nofollow noopener noreferrer" target="_blank">MS Defender</a>.
 
2. Select Policies and rules under Email and Collaboration.
 
 
 
3. Choose Threat Policies and go to the Anti-phishing section.
 
 
 
 
 
4. Click on Create.
 
 
 
5. Add the name “Right-hand Anti-Phish Policy” and a description. Click Next.
 
 
 
6. In the Domains section, add your company domain list. Then go to the Next section.
 
 
 
7. Add the <a href="https://help.right-hand.ai/en/articles/8450649-whitelisting-guide-for-microsoft-exchange-and-microsoft-defender#h_6c6bd28547">RH domain list</a> to “Add trusted senders and domains.”
 
 
 
8. Please uncheck the "Show First contact safety tip" box from the Actions settings.
 
 
 
9. Review and Submit the Policy.
 
 
 
10. Run the test Campaign.

How to turn off the "unverified sender" banner from Outlook?

Image of the error on Outlook Web Version

Image of the error on Outlook Desktop Version

Potential Cause

Step-by-Step Solution

Create New Anti-Phishing Policy (Recommended)