Microsoft Anti-Phishing Rules Mistakenly Blocked Emails and Teams Messages

Microsoft reported an issue in Exchange Online where legitimate emails and Teams messages were mistakenly quarantined due to faulty heuristic detection rules designed to block credential phishing campaigns. The incident occurred last week, affecting users relying on Microsoft’s anti-phishing protections. The problem stemmed from automated rules that incorrectly flagged non-malicious content as phishing attempts. No specific timeline, user count, or technical details about the flawed heuristics were provided. The impact included disrupted email and Teams communications for affected organizations.