Microsoft Office 365 Advanced Threat Protection has some great features to help you manage potential threats coming into your Exchange Online mailboxes. If your service includes this subscription, you can follow the instructions below. If you'd like to find out more about adding Advanced Threat Protection to Office 365, contact us.
From the Office 365 Admin center, click on Security & Compliance on the lower left under Admin centers.
To create a basic policy to block users from opening malicious links, click on Threat management on the left, then Policy, then ATP safe links.
Click to edit the Default policy.
Check the box to Use safe links in Office 365 ProPlus, Office for iOS and Android and uncheck the box for Do not track when users click safe links, then click Save.
Click to create a new safe links policy, enter a name, then turn on URL rewrites and check the box Do not let users click through safe links to original URL.
Scroll down and choose who to apply the policy to, for example all users in your domain, then click Save.
To create a basic policy to remove malicious attachments from email, choose ATP safe attachments from the Threat management Policy page.
Click the "+" to create a new policy.
Name the policy and select Dynamic Delivery.
Scroll down and enable any other settings that you would like, then apply the policy to the users of your choice and click Save.