DTOO277 - Hyperlinks in suspected phishing email messages must be disallowed.

Information

This policy setting controls whether hyperlinks in suspected phishing e-mail messages in Outlook are allowed. If you enable this policy setting, Outlook will allow hyperlinks in suspected phishing messages that are not also classified as junk e-mail. If you disable or do not configure this policy setting, Outlook will not allow hyperlinks in suspected phishing messages, even if they are not classified as junk e-mail.

Solution

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2016 -> Security -> Trust Center 'Allow hyperlinks in suspected phishing e-mail messages' to 'Disabled'.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Outlook_2016_V2R1_STIG.zip

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-3, CAT|II, CCI|CCI-000366, Rule-ID|SV-228465r508021_rule, STIG-ID|DTOO277, STIG-Legacy|SV-85875, STIG-Legacy|V-71251, Vuln-ID|V-228465

Plugin: Windows

Control ID: 1066b2057a7c1f23c3fc717ceb2f8d452fd2b1940152f351ba9a6fe78bc886f4