How to create email rules to prevent Ransomware in Microsoft 365 Business

Configurare noua (How To)


Ransomware is one of the most painful versions of malware that locks down files, and even access to a computer. If you are using Microsoft office 365, then you can set up rules which will make sure to block some ransomware files. Email is the op source of Ransomware attacks where files are sent in the form of JavaScript, batch, and executables, and so on. In this post, we will show how you can create email rules to prevent Ransomware in Microsoft 365 Business.

When using Exchange Online, all emails pass through the Exchange Online Protection (EOP). It quarantines and scans in real-time all email and email attachments, both entering and leaving the system for viruses and other malware. So only when you want to customize administrators can make company-specific filtering customizations using the Exchange admin center.


Pasi de urmat

Create email rules to prevent Ransomware in Microsoft 365

rules ransomware add extension

Microsoft 365 Business offers an admin center that can be configured to protect all the inboxes. You can increase the protection further by tweaking the rules applied to emails to strengthen further.

Go to Admin Center > Exchange > Choose Mail Flow from the menu on the left. Then click on the plus(+) symbol under the rules tab, and then choose the Create a new rule option.

Ransomware rule Microsoft Office 365


Once the rule page is open, enter the name of the rule, and click on More Options available at the end. Select Any Attachment under Apply this rule if, and then select file extension includes these words.

You can then choose to specify words or phrases, i.e., file extensions that you want the rule to be applied. Files that are known to carry Marcos or any executable can be stopped here. Use the plus (+) symbol to add them one at a time. Finally, scroll down to review the list, and if it’s alright, choose OK.

You can further customize it by adding a new condition. Choose to add a condition, and then choose a condition under Do the following. Here you can select to Notify the recipient with a message.  Then enter the notification message you want the recipient to see. Select OK.  An email will be sent to the recipients when an email with restricted attachments containing one of the specified extensions to warn them of the possible threat.

rules ransomware add extension

You can also add exceptions if there is a known trusted user when creating the rule. It will make sure that if you receive such files, it will not be blocked, and sent to the inbox directly.

Microsoft has built excellent features for both consumers and businesses. On Windows 10 PC, you can use the Windows Security App to safeguard files from Ransomware, and then you have tampered protection settings, which makes sure your personal and system files are always secure.

For Business, Microsoft offers a plethora of settings and features that can be used to protect from Ransomware. It includes Exchange Online Protection, Advanced Threat Protection  (ATP), SharePoint Online, and OneDrive protection along with Recycle Bins.

Tip solutie



(11 din 31 persoane apreciaza acest articol)

Despre Autor

Leave A Comment?