Microsoft is adding new security warnings to the Security and Compliance Center (SCC) default alert policies to inform IT admins of detected phishing attempts abusing Microsoft Forms in their tenants.
Microsoft Forms is an app that enables web and mobile users to create surveys, polls, and quizzes for collecting feedback and data online.
It has recently been made available for personal use to anyone with a Microsoft account after previously being available only to business users with Microsoft 365 Personal and Microsoft 365 Family subscriptions.
Forms phishing activity alerts
This phishing protection feature will proactively identify malicious password collection in forms and surveys.
To do that, it uses automated machine reviews to “proactively detect malicious password collection in forms and surveys” to block phishers from abusing Microsoft Forms to create phishing landing pages.
Admins receive alerts of any users or forms blocked in their tenants for potential phishing. Microsoft is now working on also adding these phishing activity alerts to SCC’s Alert center.
“We are now adding Microsoft Forms’ phishing activities alert (for blocked forms and users due to confirmed and suspicious phishing) to the default alert policies in Microsoft’s Security and Compliance Center (SCC),” the company explains in a Microsoft 365 Roadmap entry.
“If there is any user restricted