How to create email rules to prevent Ransomware in Microsoft 365 Business

rules ransomware add extension

Ransomware is one of the most painful versions of malware that lock files and even access a computer. If you are using Microsoft Office 365, you can configure rules that will ensure that you block certain ransomware files. Email is the operational source of Ransomware attacks where files are sent in the form of JavaScript, batches and executables, etc. In this article, we will show how you can create email rules to prevent ransomware in Microsoft 365 Business.

When you use Exchange Online, all email goes through Exchange Online Protection (EOP). It quarantines and scans all incoming and outgoing email and attachments in real time for viruses and other malware. So, only when you want to customize administrators, you can make company-specific filtering customizations using the Exchange admin center.

Create email rules to prevent ransomware in Microsoft 365

Microsoft 365 Business offers an administration center that can be configured to protect all mailboxes. You can further increase protection by modifying the rules applied to emails to further strengthen them.

Go to Admin Center> Exchange> Choose Mail flow in the left menu. Then click on the plus symbol (+) under the rules tab, and choose the Create a new rule option.

Microsoft Office 365 ransomware rule

Once the rules page is open, enter the name of the rule and click More options available at the end. To select Any attachment under Apply this rule if, then select the file extension includes these words.

You can then choose to specify words or phrases, that is, file extensions to which you want to apply the rule. Files known to carry Marcos or any executable can be stopped here. Use the plus symbol (+) to add them one at a time. Finally, scroll down to view the list and, if it is correct, choose OK.

You can further customize it by adding a new condition. Choose from add condition, then choose a condition under Proceed as follows. Here you can select Notify the recipient with a message. Then enter the notification message that you want the recipient to see. Select OK. An email will be sent to recipients when an email with restricted attachments containing one of the specified extensions warns them of the potential threat.

ransomware add extension rules

You can also add exceptions if there is a known approved user when the rule was created. He will make sure that if you receive such files, they will not be blocked and sent directly to the inbox.

Microsoft has created great features for consumers and businesses. On Windows 10 PC, you can use Windows security app to protect Ransomware files, then you have fake protection settings, which ensures that your personal and system files are always secure.

For businesses, Microsoft offers a plethora of settings and features that can be used to protect against ransomware. It includes Exchange Online protection, Advanced Threat Protection (ATP), SharePoint Online and OneDrive as well as recycling bins.

Leave a Reply