What Is Quarantine?

Quarantine is a secure holding area where Microsoft Defender places emails that are suspected to be malicious, spam, or phishing attempts. These messages are not delivered to your inbox to protect you and your organization from potential threats. Instead a periodic digest of recent emails sent to Quarantine is emailed to you by Microsoft:

q

How Do Messages End Up in Quarantine?

Emails are quarantined based on security policies and automated threat detection. Common reasons include:

• Phishing detection: The email tries to trick you into revealing sensitive information.
• Malware detection: The email contains harmful attachments or links.
• Spam filtering: The email is flagged as unsolicited or irrelevant.
• Originating address: The email came from an email provider that has been known previously to send phishing and malware emails to hancockcollege.edu (gmail.com, hotmail.com, etc.)
• Policy violations: The message breaches Hancock College security policies like untrusted file types or use of certain phrases often used in phishing attacks.

What Should I Do If I Think an Important Email Is in Quarantine?

1. Check your quarantine notifications: You’ll receive periodic emails summarizing quarantined messages.
2. Visit the Microsoft 365 Security Portal:
   • Go to https://security.microsoft.com/quarantine
   • Sign in with your hancockcollege.edu account.
3. Review quarantined messages:
   • Use filters to find specific emails.
   • Click on a message to see details and preview content.
4. Request release or report as false positive:
   • If the email is legitimate, click “Release” to send it to your inbox.
   • Optionally, click “Report as false positive” to help improve filtering.

⚠️ Note: Some messages may require admin approval before release.

Why Should I Still Be Cautious About Quarantined Emails?

Even though emails are quarantined, not all of them are safe. Some may still be sophisticated phishing attempts or contain malicious content that evaded initial filters. Always review with caution before releasing.

Signs That an Email in Quarantine Might Be Illegitimate

Here are red flags to watch for in the quarantine summary or message preview:

• Suspicious sender address: Misspelled domains (e.g., micros0ft.com) or unknown senders.
• Urgent or threatening language: Phrases like “Your account will be deleted!” or “Immediate action required.”
• Unexpected attachments or links: Especially if you weren’t expecting the email.
• Requests for sensitive info: Asking for passwords, payment details, or login credentials.
• Generic greetings: “Dear user” instead of your name.
• Spoofed branding: Logos or formatting that look off or inconsistent.
• Common scams: Be aware of offers of free stuff such as grand pianos, welding equipment, and travel trailers.

If you find an email in your Quarantine that you believe is Spam or Phishing, there is no need to release the message and report it as phishing or junk. This is a sign that the filter is doing its job.

Best Practices

• Never release a message unless you're confident it's safe.
• Report suspicious emails to your IT or security team.
• Keep your training up to date on phishing and email threats.