Thanks for the comprehensive blog regarding the actual state of Business Email Compromise attacks.
In case the Spoof Intelligence service of Defender for Office 365 and Exchange Online Protection (EOP) detects a sender that might be impersonating a domain that's associated with the organization, a message is delivered to the user. Thanks for that functionality! I have two questions regarding that functionality:
1. Is it possible to change the impersonation recognition message, e.g. so an organization can tailor it to their company's tone of voice?
2. Is it possible for a company to create a list of "trusted" domains for which we don't want to display this message? This could be valuable for a sender domain that has not implemented DMARC yet, but the receiving company currently / temporarily accepts this domain. Therefore, the organization doesn't want the message for that domain to be displayed to the receiving user/employee.