Phishing attack , steps to avoid it

J-3804 1,601 Reputation points
2021-08-05T22:42:27.243+00:00

Hi team,

Our organization recently got a phishing attack, could you please let me know what are the steps we can take to avoid this happen again.

Thank you for your help,

Exchange Online
Exchange Online
A Microsoft email and calendaring hosted service.
6,173 questions
{count} votes

Accepted answer
  1. Yuki Sun-MSFT 41,376 Reputation points Moderator
    2021-08-06T05:04:31.803+00:00

    Hi @J-3804 ,

    By default, there's already a built-in anti-phishing policy that contains a limited number of anti-spoofing features enabled in Microsoft 365 organizations with mailboxes in Exchange Online. It can be viewed in the Anti-phishing page(https://security.microsoft.com/antiphishing).
    121025-1.png

    Considering that your organization is still getting phishing attack, you can increase that protection by refining the current settings of the anti-phishing policy or creating custom anti-phishing policies with stricter settings that are applied to specific users or groups of users. See: Configure anti-phishing policies in EOP.

    Furthermore, there are some additional features included in Exchange Online Protection (EOP) and Microsoft Defender for Office 365 which can help protect your organization from phishing threats. For more information, hopefully you can find the document belwo helpful:
    Anti-phishing protection in Microsoft 365


    If an Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

2 additional answers

Sort by: Most helpful
  1. Scott Jerger 1 Reputation point
    2021-08-06T08:41:52.257+00:00

    Thanks for the information. Microsoft Defender for Office 365 plan 2 has many of the features to help with these issues. Go to this site for access to an Interactive Guide. Well worth the 20-minute investment. Whenever possible, empowering the users with training and live testing gives some personal accountability which can help in the long term. To access, visit the new Security Portal > Email & collaboration > Attack simulation training.

    For getting started information about Attack simulation training, see Get started using Attack simulation training.
    121009-attacksimulationtraining.jpg

    0 comments No comments

  2. J-3804 1,601 Reputation points
    2021-08-07T00:04:17.63+00:00

    Thank you guys!


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.