Logos in Email – Another Way to Stop Spoofing

Including a company’s logo when listing or displaying email is another way to give users confidence that the email is in fact from that company. Business Indicators for Message Identification is a draft standard that might become generally used by all email clients. But for now. Microsoft has their own business profile “brand card” program, and that’s where OWA gets its logos.

Phishing: Office 365 Retrieve Pending Messages for Domain

Another day, another phishing attempt, this time trying to make unwary Office 365 administrators click on a link to “Retrieve Pending Messages” for their domain. I’m surprised this one got through!

Phishing: EFile Document Notification

A very exciting message arrived in my mailbox. So exciting that it was too good to be true. Some basic checks made me more suspicious and then Outlook’s Message Header Analyzer gave more evidence to think the message was bad.

Finding Inactive Distribution Lists

A recent correspondent asked how to find inactive distribution lists in Exchange Online. We didn’t have a good answer in the book, so here’s some PowerShell code to do the trick.

Protecting Email Holding Sensitive Data

Office 365 offers different ways to apply encryption to important messages. When those messages hold sensitive data known to Office 365, like credit cards or passport numbers, we can define a transport rule or DLP policy to protect outbound email automatically. And while you can define rules and policies through the GUI, PowerShell is available too.