Microsoft Defender 365 taking over

Lately, when I click on a (legitimate) link in an email on my iPhone 11 Pro or iPad Pro, I get a page headed “Microsoft Defender 365” telling me this is a potentially dangerous site and I should close the window. This started suddenly and I have no idea how to turn it off. Internet searches have not helped me to do this for iOS. I use Duck Duck Go as my browser, and iOS 15.4.1 on my phone and 15.3.1 on my iPad Pro. My main email goes through a university that uses Microsoft 365 for its email system and maybe that is related? However, I don’t have the problem on my Apple laptop. Does anyone have any ideas how to bypass this ‘security’?

This definitely sounds like a Microsoft 365 thing. Apple doesn’t use Defender by default on any of their products.

Are you using Outlook on your iOS devices? If you are, and it’s getting system policy data from your university’s server, that would be the most likely explanation.

As for your laptop, are you also running a university-registered installation of Outlook there? Or a different mail app?

Thanks for your response. No, I use Apple Mail on all my devices, but my account is signed in through the university server listed as “”. On my laptop my Mail is connected through “Exchange”. You are probably right that I’m a victim of my university’s focus on Microsoft and Windows.

As an addendum to my original message, this is the page I receive sometimes when a link in email goes to my browser:

So, it mentions an “internal error”. Unclear what to do about that except close the page.

Probably related to this:

I think the links are marked as “potentially dangerous/unsafe” because the sites are not profiled in the filtering system, and so marked as potentially unsafe by default.

When I encounter such redirects that failed, sometimes I had to copy the redirect URL and manually extract the original URL from the string. Usually it involves conversion of URL encoding as well, which is a pain.

(The actual URL follows the highlighted ‘proxy URL’; sometimes the ‘https://…’ will turn into https%3A%2F%2F…)