Phishing: Your Document Has Been Completed

Phishing attacks through email happen all the time. A new relatively crude one arrived today. It’s easy for the trained eye to detect phishing, but do your Office 365 admins know how to use the tools available in Exchange Online Protection to suppress malware, and do your users know the signs of bad email? In this case, it’s an invitation to click to get to a PDF document to bring you to digitaloceanspaces.com. Some interesting things might happen afterwards, but I really don’t want to find out what occurs when I click the link.

Advertisements

Exchange Online Transport Rule to Encrypt Sensitive Email

Microsoft has released details of an Exchange Online transport rule to encrypt outbound email containing sensitive data types like credit card numbers. The rule works (after fixing the PowerShell), but needs to be reviewed and possibly adjusted to meet the needs of Office 365 tenants.

Applying Autosignatures with Transport Rules

Office 365 tenants can use Exchange transport rules to apply autosignatures to outbound email, including messages protected with encryption. You can even include some properties of the sender extracted from Azure Active Directory, and you can add an exception so that the autosignature isn’t applied to replies.

Logos in Email – Another Way to Stop Spoofing

Including a company’s logo when listing or displaying email is another way to give users confidence that the email is in fact from that company. Business Indicators for Message Identification is a draft standard that might become generally used by all email clients. But for now. Microsoft has their own business profile “brand card” program, and that’s where OWA gets its logos.

Phishing: Office 365 Retrieve Pending Messages for Domain

Another day, another phishing attempt, this time trying to make unwary Office 365 administrators click on a link to “Retrieve Pending Messages” for their domain. I’m surprised this one got through!