skip to content

What it is

Defender for Office 365 improves the security of your Office 365 account, including your email address on Exchange Online.

Threats in emails and files are identified and mitigated in collaborative tools, such as Teams or SharePoint. Targeted attacks such as scam emails, spear-phishing, general spam, ransomware, and malware are prevented. Defender for Office 365 enhances the features provided in Exchange, known as Exchange Online Protection (EOP).

SafeAttachments for Exchange

This checks email attachments for malicious content. If no suspicious activity is found, the message is forwarded to the mailbox.

SafeAttachments for SharePoint, OneDrive, and Microsoft Teams

This identifies and blocks malicious files when users collaborate and share data.


SafeLinks provides URL scanning and rewriting of inbound email messages in mail flow, and time-of-click verification of URLs in email messages and other locations. Links in emails are rewritten and are scanned when a user clicks on them; such that approved links remain accessible and malicious links are dynamically blocked.

A malicious link that is not spotted by Defender can be added to the malicious category by the UIS Service Desk or CSIRT. It takes approximately 1 minute for this update to take effect. This allows UIS to protect users from malicious links in their emails while working at home, a significant improvement in response capability.

How to get it

Defender for Office 365 is automatically applied to all staff and student Office 365 accounts.

How to use it

Defender for Office 365 works automatically.

How SafeLinks URLs look in emails

As SafeLinks rewrites the URLs in emails, it can have a visual impact on emails in the email client. This occurs when an email is displayed in plain text format, rather than HTML format.

Here is an example of a URL ( rewritten in a plain text email:


Checking the orginal URL when a SafeLink is difficult to read

If your mail client is having difficulty displaying a SafeLink and you wish to check what the underlying URL is, you can use a website like

How we use SafeLinks to protect University staff and students

We use SafeLinks to block malicious URLs that have been reported to the UIS Service Desk. Our staff add newly reported malicious links to the SafeLinks list which protects staff and students if they were to click on them.

SafeLinks exemptions

All * URLs are exempted from SafeLinks to improve user experience. Also, we can provide a SafeLinks exemption for specific URLs that meet the following criteria:

Exemptions are not provided for specific people or mailboxes.

Help and support

For help and support please contact the UIS Service Desk.