Forum Discussion
Office 365 - inbound rules for phishing attack
Hi,
One of our user has fallen in a phishing email trap and supplied his Office365 username and password to fake Office365 Sharepoint website thinking it was our company intranet webpage.
For...
There are many ways to monitor phishing emails. rather than you monitoring the outgoing emails for phishing attack you can monitor the incoming emails for the same.
you can create similar rules and mark a copy of a suspicious email to you
If the message...
'Authentication-Results' header contains ''spf=fail' or 'spf=hardfail''
and sender's address domain portion belongs to any of these domains: 'yourprimarydomain.com'
and Is received from 'Outside the organization'
Do the following...
Prepend the subject with '[Possible Spoofed/Phishing Email]'
and Redirect the message to 'your email address'