CarlosMoralesMX
Jan 13, 2021
Solved

Attacks Phishing

Hi Team.

We have had two cases in our Office 365 tenant.

1. Some users receive phishing emails. I block these IPs and domains. In an Office E1 subscription, is there anything else that can be done?

2. These emails are also sent to our clients. Emails are sent to our clients as if they were ours; how can I report this?

Thanks

  • CarlosMoralesMX Hi!

    When it comes to reducing phishing emails, I would recommend that you review your EOP configuration according to Microsoft's best-practice configurations.
    You can find guidelines for EOP configurations at https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/best-practices-for-configuring-eop?view=o365-worldwide
    I would also highly suggest that you have a look at the Defender for Office 365 function.
    This will help you to detect bad links/attachments and also enables you to create anti-phishing policies.
    You can read more about Defender for Office 365 capabilities such as Safe Links, Safe Attachments, and anti-phishing policies at https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/tuning-anti-phishing?view=o365-worldwide

    Regarding the emails being sent to your clients in your domain name: these are simply emails being spoofed. You can protect your clients from spoofing through anti-spoofing techniques such as SPF/DKIM/DMARC.
    https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/anti-spoofing-protection?view=o365-worldwide is a good article about anti-spoofing capabilities.
