cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Attacks Phishing

CarlosMoralesMX
Brass Contributor

‎Jan 13 2021 09:15 AM - last edited on ‎Feb 01 2023 01:37 PM by

‎Jan 13 2021 09:15 AM - last edited on ‎Feb 01 2023 01:37 PM by

Attacks Phishing

Hi Team.

We have had two cases in our Office 365 tenant.

1. Some users receive phishing emails. I block this IPs and domains. In a Office E1 subscriptions, is there anything else that can be done?

 

2. This emails they are also sent to our clients too. Emails are sent to our clients as if they were ours, how can i report this?

 

Thanks

Labels:
1,085 Views
0 Likes
2 Replies
Reply
2 Replies
best response confirmed by CarlosMoralesMX (Brass Contributor)
Pontus Själander

‎Jan 13 2021 02:36 PM

‎Jan 13 2021 02:36 PM

Solution

Re: Attacks Phishing

@CarlosMoralesMX Hi!

When it comes to reducing Phishing emails, I would recommend you to review your EOP configuration accordingly to Microsoft's Best practices configurations.
You can find guidelines for EOP Configurations here
I would also highly suggest that you have a look on the Defender for Office 365 function.
This will help you to detect bad links/attachments and also enables you to create anti-Phishing policies.
You can read more about Defender for Office 365 capabilities as Safe Links, Safe Attachments, Anti-Phishing policies here


Regarding the emails being sent to you clients, in your domain name. This is simply emails being spoofed, you can protect your clients from spoofing through anti-spoofing techniques as SPF/DKIM/DMARC.
Here is a good article about anti-spoofing capabilities

0 Likes
Reply
CarlosMoralesMX

‎Jan 13 2021 03:52 PM

‎Jan 13 2021 03:52 PM

Re: Attacks Phishing

Thanks @Pontus Själander 

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by CarlosMoralesMX (Brass Contributor)
Pontus Själander

‎Jan 13 2021 02:36 PM

‎Jan 13 2021 02:36 PM

Solution

Re: Attacks Phishing

@CarlosMoralesMX Hi!

When it comes to reducing Phishing emails, I would recommend you to review your EOP configuration accordingly to Microsoft's Best practices configurations.
You can find guidelines for EOP Configurations here
I would also highly suggest that you have a look on the Defender for Office 365 function.
This will help you to detect bad links/attachments and also enables you to create anti-Phishing policies.
You can read more about Defender for Office 365 capabilities as Safe Links, Safe Attachments, Anti-Phishing policies here


Regarding the emails being sent to you clients, in your domain name. This is simply emails being spoofed, you can protect your clients from spoofing through anti-spoofing techniques as SPF/DKIM/DMARC.
Here is a good article about anti-spoofing capabilities

View solution in original post

0 Likes
Reply