Note: The display of the ‘Unverified sender’ banner is governed by Microsoft’s policies, and Right-Hand has only limited influence over this process. To bypass this banner during a phishing simulation exercise, we recommend following the steps outlined in this article. If the banner persists, we suggest adding the sender’s email domain to Email and Collaboration > Policies and Rules > Threat Policies > Tenant Allow/Block List as a potential solution.
To find your sender email domain, please go to the Right-Hand portal and then go to Phishing Readiness > Sender profiles > Edit the chosen sender profile and find the domain after the @ symbol.
Table of contents:
Image of the error on Outlook Web Version
Image of the error on Outlook Desktop Version
Potential Cause
Microsoft is currently rolling out a new Office 365 feature dubbed 'Unverified Sender'. This feature is designed to help users identify potential spam or phishing emails that reach their Outlook client's inbox.
Step-by-Step Solution
Create New Anti-Phishing Policy (Recommended)
Sign in to MS Defender.
Select Policies and rules under Email and Collaboration.
Choose Threat Policies and go to the Anti-phishing section.
Click on Create.
Add the name “Right-hand Anti-Phish Policy” and a description. Click Next.
In the Domains section, add your company domain list. Then go to the Next section.
Add the RH domain list to “Add trusted senders and domains.”
Please uncheck the "Show First contact safety tip" box from the Actions settings.
Review and Submit the Policy.
Run the test Campaign.
Important Note: Please give this policy a higher priority.