It is designed to help Outlook users identify emails that may contain poisoned files or requests for personal or sensitive information that could be used to steal a user’s identity.
The company had this to say about the new feature:
“Unverified Sender is a new Office 365 feature that helps end-users identify suspicious messages in their inbox…we’ve added an indicator that demonstrates Office 365 spoof intelligence was unable to verify the sender.”
When you toggle the new feature on, any email in your inbox that the AI is unable to identify or verify will be marked. It will have the sender’s initials or photo replaced with a question mark in the People Card. That will make it easy for any Office 365 user to spot potential phishing or sender spoofing attempts.
In tandem with the Unverified Sender feature, Microsoft is also increasing the size of its DKIM keys from 1024-bit to 2048-bit for all Office 365 customers during the month of October. They are doing this in order to enhance security in all environments.
About this, the company published the following:
“If you already have your default or custom domain DKIM enabled in Office 365, it will automatically be upgraded from 1024-bit to 2048-bit at your next DKIM configuration rotation date…This new 2048-bit key takes effect on the RotateOnDate and will send emails with the 1024-bit key in the interim. After four days, you can test again with the 2048-bit key (that is, once the rotation takes effect to the second selector).”
Finally, Microsoft is rolling out a feature they announced in late July of this year (2019), which is their improved Malicious Email Analysis. Collectively, these new features should provide a much safer environment for all Office 365 users. Kudos to Microsoft for that!