Oct 19 2016
- last edited on
May 24 2021
Forgive me if this is the wrong group.
Office 365/E3. Some of our users have been receiving a specific phishing email today in their regular inbox (from the same sender, same subject line, payload, attachments) that attempts to phish their Google Doc login details.
Is there any way for me to, as a global admin, to search for and somehow "quarantine" (not sure if that's the right term) these specific existing mails across the tenant/organization? I don't want users to continue to click on these emails as they encounter them in their inbox. Going forward I know I can somehow block them, but what to do about all the ones that have already been delivered/received?
Oct 19 2016 11:41 AMSolution
Best you can do is purge them via Search-Mailbox. Or simply report them (https://technet.microsoft.com/en-us/library/jj200769(v=exchg.150).aspx) and let ZAP do it's magic.