This applies to many security attacks and the famous one is Email phishing. In this technique, an imposter/hacker sends an email such that it is sent from someone we know/trust with malicious links and using them to steal sensitive data like passwords. 

I know you will identify a phishing mail when Microsoft asks you to enter your password on random links. But, how about this one? 

Image Credit: InfoSec 

If I say this is a genuine delivery error by Office 365, many would believe. But sadly, it isn’t. The hacker has placed a Send Again button and trick you to resend an email which many would click. 

Once clicked, you are taken to a website which exactly looks like Microsoft’s. As a trick, the hacker has enabled SSL certificate to their website which makes us skip reading the URL. Entering your password will easily share your complete Office 365 account with the hacker.  

Image credit: InfoSec 

After getting all the information, you will be taken to the genuine Microsoft website so that you don’t recognize what has happened before.  

How to protect yourself? 

• Do not click any links directly from anyone outside your organization. If you find any links, copy the URL and verify the host before opening it. 
• If you find any informative links that usually doesn’t require you to sign-in, open them in In-Private/Incognito window. 
• If the email is from inside your organization and not from a known associate, use caution and follow the procedures considering it as external.  
• If someone you know asks for some sensitive information in the email, make sure to contact them personally by calling so that you can make sure it is not the hacker emailing from your associate’s account. Hackers usually hack the weakest account in an organization and use them to exploit other employees. 

Some of the other most common phishing methods are: 

• Sending you a password expiry email and asking you to enter your old and new password. 
• Asking you to try out a new feature in Office 365 applications by signing in using the link in the email. 

Hope I gave you some tips. Merry Christmas in Advance! 

The post New Office 365 Phishing Technique Which You Would Fall For! appeared first on Office 365 Reports.

E-mail spoofing is the forgery of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source. In simple words, email spoofing is the act of sending email on behalf of another user.

Is Email Spoofing Bad?

Email spoofing has both good and bad faces. Some malicious user may spoof the actual domain to send spam or phishing emails. Spoofing is a common way for getting the user credentials or credit card information.

In some cases, there are legitimate reasons for spoofing.

• You are using 3rd party service to send bulk mail or to run any mail campaign.
• You may be using an external company to handle the customer care on behalf of your organization.

What Actions Need to be Taken?

• The admin has to ensure that the mail sent by legitimate spoofers doesn’t get caught by the spam filters at the sending and receiving end.
• In the other hand, malicious emails need to be blocked. So the admin needs to disable unauthorized spoofing in the domain.

How does Spoof Intelligence Work in Office 365?

Customers who have Office 365 Enterprise E5 or have purchased Advanced Threat Protection licenses have access to spoof intelligence in the Office 365 Security & Compliance Center.

The spoof intelligence policy is already set and enforced by O365. We cannot disable it, but we can choose how much we want to actively manage it.

You can control which domain or user can spoof your domain by reviewing the existing policy applied in Office 365 & Compliance Center.

To manage senders who are spoofing your domain by using the Security & Compliance Center

1. Go to the Security & Compliance Center.
2. Sign in to Office 365 with your work or school account. Your account must have administrator credentials in your Office 365 organization.
3. In the Security & Compliance Center, expand Security policies > Anti-spam.
4. In the right pane, on the Standard tab, expand Spoof intelligence.
5. To view the list of senders spoofing your domain, choose Review new senders.If you’ve already reviewed senders and want to change some of your previous choices, you can choose Show me senders I already reviewed instead. The following panel appears.
6. On the Standard tab, each row represents a sender that is spoofing one or more users in your organization.If a sender is spoofing multiple users, and you want to allow that sender to spoof some users but not others, on the Standard tab, select Choose users.To add a sender to the allow list for a user, choose Yes from the Allowed to spoof column. To add a sender to the block list for a user, choose No. This brings up the Detailed tab with the list of users being spoofed split into individual rows so you can choose whether to allow or block the sender from spoofing each user individually.
7. Choose Save to save any changes.

How to See Spoofed Email Activity for My Office 365 Tenant?

You can check the ‘Spoof Mail Report’ in your Security & Compliance Center to get the view of spoofed senders in your domain. You can quickly get a visual report of summary data, and drill-down into details about individual messages, for as far back as 90 days. You can check this in detail in this Microsoft TechNet blog.

Ref: Learn more about spoof intelligence

The post Office 365 Email Spoofing Report appeared first on Office 365 Reports.

What is Office 365 Security Score?

Office 365 Security Score is a security analytics tool which will help you to quickly evaluate your Office 365 security settings based on industry standard and give you score for your security adoption. This tool additionally allows you to improve your security score by doing some recommended action.

How the Secure Score is Calculated?

First, the total available points for your tenant is calculated by accounting the services which are active or enabled in your tenant. Next, your tenant score is calculated by checking all the security settings applied to those services. Once both the point is calculated you get your Secure Score.

There are totally 77 security actions are identified and implemented in the current preview.

How to Access this Tool?

You can head to https://securescore.office.com to access this tool. You need to a global admin in order to use this tool.

More Features.

• Target Score : It allows you to set your target score, and list out the necessary security changes that need to be applied to achieve that score.
• Take Action  : Helping you figure out which actions to take to improve your score is the purpose of the Secure Score.
• Compare Your Score : It allows you to compare your score with the O365 average score. The Office 365 Average Secure Score is calculated from every Office 365 customer’s Secure Score.
• Score Analyser : It shows you the trend map of your score alone with the industry average. This data can be exported to PDF or CSV format.
• Risk Assesment : It shows the top threats in the tenant and gives the particular configuration and behaviours.

You can see the Microsoft release announcement about this tool here.

The post Office 365 Security Analytics Service – Finding and Fixing Risk is Now Easy! appeared first on Office 365 Reports.