As you may already know, with Office 365 and Exchange Online you already had to the possibility to report suspicious content (in that case email) by using the Report Message add-in (an the other way around too if an email was identified as spam but was not).
Well, now it is becoming simpler for Office 365 administrator to monitor and also report suspicious content to Microsoft.
With this new capability, you can report email, attachment or URL for investigation to Microsoft.
To start submitting suspicious content, logon to your Security and Compliance portal (https://protection.office.com) and reach out the Submission blade, available below the Threat Management section
Then you can submit the content you are suspecting by using the New submission button
You can now fill a report with the details to be provided, including if required the email ID, email as EML file or attachment, with the action which should have been taken – blocked or not being blocked
The options vary depending of the type of reporting (email, URL or attachment)
From this blade administrator can also follow user’s reports by using the User reports tab (using the Report message add-in; hopefully there will be a way to report also URL in the future).
Administrator can then initiate an investigation on this/these item(s) by using the Investigate button; this will send the information to the automated investigation system
Once the investigation is completed you can then review if more users/machine may have been impacted, the details of the threat and so on
Happy hunting