Microsoft Exchange Online Mistakenly Identifies Legitimate Emails as Phishing

Microsoft Exchange Online is currently facing a significant issue with its email filtering system. The service is mistakenly flagging legitimate emails as phishing attempts, which has disrupted communication for many users. This incident, designated as EX1227432, began on February 5, 2026, at 10:31 AM EST and is still unresolved.

Impact of Microsoft Exchange Online’s Email Filtering Issues

Many Exchange Online users are experiencing interruptions due to emails being quarantined. This excessive filtering is a result of newly implemented detection criteria aimed at combating sophisticated phishing and spam tactics. The underlying cause has been traced to a recent URL rule that incorrectly identifies safe links as malicious.

Quarantine Challenges for Users

• Legitimate emails are trapped in quarantine, affecting workplace productivity.
• Affected users are unable to send or receive messages normally.
• Manual releases from quarantine are often required by administrators.

While Microsoft is actively reviewing and unblocking legitimate URLs, users have reported that some emails previously quarantined are now being delivered. However, the exact scope of this issue, including affected regions and numbers of impacted customers, remains unspecified.

This is not the first occurrence of such incidents within Microsoft Exchange Online. The service has a history of false positives with its email filtering systems. Notably, in May 2025, a previous incident (EX1064599) saw Gmail emails mistakenly labeled as spam. In March 2025, legitimate messages faced the same quarantine issue, while in September of that year, several bugs caused URLs in emails and Microsoft Teams to be blocked.

Community Response and Recommendations

Feedback from users on forums such as Reddit has highlighted ongoing issues, stressing the need for support tickets to address technical glitches. System administrators have noted that senders lacking DMARC configurations, particularly those with attachments or images, are more likely to trigger these aggressive filtering systems.

As phishing tactics evolve, the complexity of maintaining effective email defenses increases. Microsoft has acknowledged the challenges posed by AI-driven filtering technologies and is working to strike a balance between security and usability.

Advice for Affected Organizations

• Regularly monitor the quarantine section of the Microsoft 365 admin center.
• Report any false positives using the quarantine tools.
• Consider utilizing third-party email filters for added security.

Microsoft has assured customers that it is committed to improving its filtering processes to prevent similar issues in the future. However, a specific timeline for complete resolution has yet to be provided. Users are encouraged to refrain from circumventing existing security policies, as ignoring high-confidence phishing flags may lead to further complications.

For ongoing updates on this and other cybersecurity topics, follow Filmogaz.com on Google News, LinkedIn, and X.