We will be turning on intra-organizational protection by default for high-confidence phishing messages that contain a malicious or spam-based URLs in Microsoft Defender for Office 365. We are doing this along with the handling of intra-organizational messages (MC577356).
[When this will happen:]
Rollout for intra-organizational protection by default will begin on in late July 2023.
[How this will affect your organization:]
The default behavior will be to quarantine intra-organizational messages that contain high confidence phishing URLs. If you want to opt-out of this behavior or opt-in to additional protection you can adjust your preferences within the anti-spam policy. More information can be found in Configure spam filter policies. If you do nothing, the policy will default to act on messages containing high confidence phishing URLs after rollout.
[What you need to do to prepare:]
You don’t need to do anything, however, if you don’t want to act on intra-organizational messages, you can opt-out by changing the Anti-spam setting to NONE. If you prefer to opt-in to the new behavior now, you can select High Confidence Phishing or one of the other options from the drop down.