Your IT Consultant

Stop Malicious Email Forwarding for Outlook Users in Office 365

December 12, 2018

The bad guys keep changing tactics in an effort to steal identity or for financial gain. The Attack Takeover Attack (ATA) is a growing concern. Why try to spoof an email when you can just compromise the account and send it from the real source? One way this is done is through the use of hidden rules. The verification email that one normally gets is automatically sent to an attacker and then deleted. If you don’t know this rule exists, you will experience all sorts of fraud.

Microsoft Office 365 administrators can defend against these email-enabled attacks that make hidden rules in Outlook to forward emails that would otherwise tip you off that your account has been taken over. CSO has an excellent post to guide you through the steps needed to prevent and discover hidden rules. You’ll need to know something about PowerShell scripts, which really isn’t that hard. The post steers you to Microsoft’s Secure Score, which every Windows and Office 365 user should investigate.

E-mail:   Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://www.senseient.com