As you may already know, with Office 365 and Exchange Online you already had the possibility to report suspicious content (in that case email). This was achieved through using the Report Message add-in (and the other way around to, if an email was incorrectly identified as spam).
Well, now it is becoming simpler for Office 365 administrators to monitor, and also report, suspicious content to Microsoft.
With this new capability, you can report emails, attachments or URLs for investigation to Microsoft.
To start submitting suspicious content, logon to your Security and Compliance portal (https://protection.office.com) and reach out the Submission blade, available below the Threat Management section
You can then submit the suspicious content by using the New submission button.
You can now fill a report with the details to be provided, including if required the email ID, email as EML file or attachment, with the action which should have been taken – blocked or not being blocked.
The options vary depending of the type of reporting (email, URL or attachment)
From this, blade administrator can also follow user’s reports by using the User reports tab (using the Report message add-in; hopefully there will be a way to also report URLs in the future).
Administrators can then initiate an investigation on this/these item(s) by using the Investigate button; this will send the information to the automated investigation system.
Once the investigation is completed you can then review if more users/machines may have been impacted, the details of the threat and so on.