If there is only one email with this prompt, I suggest you ignore it. Due to several reasons, this URL appears suspicious: it has a long and random looking string that can be used to mask malicious destinations. It uses the. xyz domain, which is usually associated with spam or phishing websites It does not match the sender's domain or the context of the email. Therefore, I suggest that you do not click on this link or provide any personal information on the webpage. Clicking on such a link may cause the installation of malicious software on your computer or damage to your data.
Find source of potential security concern detected by Microsoft Office
With Windows 10 Home 22H2 and Outlook 2019
I would like to find the source of emails showing in Outlook that display a notice that
Microsoft Office has identified a potential security concern.
While the content is always the same, varying Subject and Sender are used.
In most cases it appears that this involves a malformed URL.
The location indicated in the Security Notices begins with ttp://***/
it seems to be missing the h in http
What is truly odd is that this only occurs in Outlook, while when viewed in a browser,
it displays valid content.
I have deleted cache everywhere, repaired Outlook, used scanpst, and reinstalled Office 2019.
I tend to think it has something to do with the Office security mechanism, but I have no idea where to start looking.
An example Notice:
The email in a browser:
The constant email content:
Outlook | Windows | Classic Outlook for Windows | For business
Microsoft 365 and Office | Install, redeem, activate | For business | Windows
3 answers
Sort by: Most helpful
-
-
SokiGuo-MSFT 31,536 Reputation points Microsoft External Staff
2024-01-05T06:43:58.02+00:00 Based on the image you sent, it seems that you are receiving security notices from Microsoft Office about potential unsafe links in your emails. The notice that Microsoft Office has identified a potential security concern is a security feature that warns you about potential risks from opening or running files or links that may contain malicious code or viruses. It is not necessarily an indication of malicious software, but it is a precautionary measure to protect your system and data.
To investigate further, it may be necessary to look at the email headers and source code to identify any hidden or embedded elements that may be causing this issue. In addition, check the security settings and filters in Outlook.
You can do this by clicking on File > Options > Trust Center > Trust Center Settings. For more detailed instructions, please refer to: https://thegeekpage.com/microsoft-office-has-identified-a-potential-security-concern/. (Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.)
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
-
George Sinkinson 0 Reputation points
2024-01-05T20:26:26.9133333+00:00 Thank you for your response - I learned a lot of new things.
I applied the fixes indicated in the link
https://thegeekpage.com/microsoft-office-has-identified-a-potential-security-concern/It didn't make any difference, even after restarting Office.
My guess is that the security notice is being triggered by the malformed url - missing the 'h' in 'http'.
Opening in a browser yields:Where does the https reference come from? Is it coming from Office Security or the Sender?
It seems to be the same weird reference with all the different email senders.Is there some way I can set up a mechanism that discards emails with security concerns?