Feb 06 2024 08:57 AM
A user in our org was phished. We are making changes on swapping to phishing resistant MFA but what I am more concerned about is how Microsoft didn't catch the email with the malicious attachment. I reported it to Microsoft and after investigation, the dashboard shows "Reclassified as Bulk". While the incident took place, I scanned with Virus Total and numerous scanners already had the file labeled malicious and labeled phishing. The Microsoft scanner showed undetected. 2 weeks later and more scanners show phishing with Microsoft STILL showing undetected.
1. Google and other prominent scanners show phishing, but Microsoft does not. How can that be?
2. How do I add more reliable scanners into our Microsoft environment to check?
3. Any other suggestions?
Please see the screenshot for the detections.
Feb 11 2024 07:34 AM
Feb 20 2024 09:09 AM