Suspicious phishing email to organization email accounts

Maurice Botha 76 Reputation points
2023-02-28T09:19:46.6433333+00:00

Good day everyone,

I have a client that received an email from a gmail account that was sent to all the email address in the organization with the GM's name, surname and other personal information. The client only has the free AD subscription and no Microsoft 365 Defender license.

What I did was, was to create a policy in Microsoft Exchange to block that specific email account and sent it to the recipient's junk folder and to quarantine the email. Is there anything else I can do to investigate the situation or add security measures to prevent something like this happening again?

PS: Like I mentioned the client has the free AD subscription and no Microsoft 365 Defender license.

Thanks in advanced

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
3,916 questions
Microsoft Exchange Online
Microsoft Exchange Online Management
Microsoft Exchange Online Management
Microsoft Exchange Online: A Microsoft email and calendaring hosted service.Management: The act or process of organizing, handling, directing or controlling something.
4,230 questions
0 comments No comments
{count} votes

Accepted answer
  1. JimmySalian-2011 41,926 Reputation points
    2023-02-28T09:42:29.9566667+00:00

    Hi,

    First is the user training and guidance that they should not click or share / open links. Also you can review the 90 days free MS Defender and evaluate policies and settings for the tenant.

    Review the protection you can implement and start with basic policies to restrict the phishing mails, spoofing.

    https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/anti-phishing-protection-about?view=o365-worldwide

    Share this with the users so they are trained and aware of the phishing mails - https://support.microsoft.com/en-gb/windows/protect-yourself-from-phishing-0c7ea947-ba98-3bd9-7184-430e1f860a44

    Hope this helps.

    JS

    ==

    Please Accept the answer if the information helped you. This will help us and others in the community as well.


0 additional answers

Sort by: Most helpful