Microsoft Forms is a simple, lightweight app that lets you easily create surveys, quizzes, and polls. In order to make Forms a more secure service, Microsoft are going to enable automatic phishing detection to help prevent their customers from losing sensitive data via phishing forms.
This feature is not available for Office 365 subscriptions in GCC.
This new feature will be applied to all public forms (when forms setting is “Anyone with the link can respond”) created within your tenant. The automatic detection will be running at Forms design time and if any suspicious phishing contents (i.e. what’s your password?) are detected, the form will be automatically blocked for sharing and response collection. This would not be a permanent block as the form can be unblocked if the form designer removes the suspicious phishing question.
Office 365 administrators will be informed via daily Message Center notifications on these potential phishing detection results. If you are a global admin you have access to these forms as well as the response data. You can unblock the form if you believe the detection result was incorrect. Please note that you must be a global administrator to perform these actions.
For users who show up repeatedly on the potential phishing report, Microsoft will block their Forms sharing functionality and admins will be informed of such actions. Similar to individual Forms, a global administrator will be able to unblock a user.
ENDTags: Microsoft Forms