Hey guys,

I've got a bit of a strange issue, to me it appears that one of our users are being attacked via a botnet as thousdans of emails are being sent though to a single mailbox.

We have tried to impliment some rules / addadional spam filters to reduce the number reaching the inbox. This has mostly worked, however, there are still a few which are being passed.

I just wanted to see what procedures you'd recommend or if there is anything I'm missing fromwithin Exchange Online.

Some extra details:

• Licence - O365 Business Preimum
• Single user out of 20 mailboxes. Ideally, we'd not change the email address and try to address the spam.
• The user had clicked on a phishing link last week, which has probs made them a target
• Mutiple domains being used to send though the spam
• Mutiple IPs being used around the world