Add OneNote Fileextensions to the Exchange Online Malware Filter

Hi All,

I've heard from OneNote Phishing in the last few Months. That seems to be a new way of Attack.
Sadly i don't know the exact details of that Attack.
What came to my mind was to block OneNote Attachments in the Malware Filter.

Microsoft: Besserer Schutz vor riskantem OneNote-Phishing geplant

Also Microsoft want's to improve here according to the M 365 Roadmap

I've checked the OneNote file Extensions on my Computer

Microsoft OneNote File Extensions according to

Let's go to work. List the Malware Filter Policys in Exchange Online

Get-MalwareFilterPolicy | ft Name

Look at the Details. As you can see the Extensions are in the FileTypes Attribute (without dot before the Extension).

Get-MalwareFilterPolicy -Identity ICEWOLFMalwarefilterPolicy-01

Let's add the OneNote File Extensions

$FileTypes = (Get-MalwareFilterPolicy -Identity ICEWOLFMalwarefilterPolicy-01).FileTypes
Set-MalwareFilterPolicy -Identity ICEWOLFMalwarefilterPolicy-01 -FileTypes $FileTypes

As you can see the Filetypes are now in the Policy

Andres Bohren