No one likes getting spam. Although EOP generally does a good job, Office 365 users can help themselves and help others by reporting spam that gets through to their mailboxes using Outlook’s Report Message add-in. And if they’d like someone else to report bad mesages, admins can do so through the Security and Compliance Center.
Phishing attacks through email happen all the time. A new relatively crude one arrived today. It’s easy for the trained eye to detect phishing, but do your Office 365 admins know how to use the tools available in Exchange Online Protection to suppress malware, and do your users know the signs of bad email? In this case, it’s an invitation to click to get to a PDF document to bring you to digitaloceanspaces.com. Some interesting things might happen afterwards, but I really don’t want to find out what occurs when I click the link.