How to Block Fake Emails Impersonating Your Staff in Microsoft 365
ฝัง
- เผยแพร่เมื่อ 5 มิ.ย. 2024
- People who pretend to be other people. In the cyber security world, this is known as impersonation.
Fortunately, there is a setting in Microsoft 365 that you can use to reduce the risk in your business, and in this video, I am going to show you it.
The setting is called impersonation protection and is included within Defender for Office 365
#microsoft365 #Microsoft365Tips #ManagedITServices
------------------------------------------------------------------------------------------------------------------------------------------------
Are you using Microsoft 365 to its fullest potential? Are you getting the most from your investment? It's time to supercharge your Microsoft 365 and your business.
Our FREE Guide - Discover 5 things in Microsoft 365 that will save your business time and money….. and one feature that increases your Cyber Security by 99.9%
► Download our guide here today: 365gearsystem.com
------------------------------------------------------------------------------------------------------------------------------------------------
--------
So who am I and what do I do?
I am an IT expert with over 20 years of industry experience across a multitude of different areas. I am the Founder & Managing Director of Integral IT. Our mission is to deliver IT services that bring real value to each and every one of our customers, no matter how big or small.
If you need IT support, we can help. We can help you wherever you are in the world; you just need an internet connection.
Contact Us Today ► hello@integral-it.co.uk
www.integral-it.co.uk/
-- Make Sure To Follow Me On My Socials Below --
► INSTAGRAM: / bearded365guy
► Tik Tok: / bearded365guy
If you have any video ideas, or if you'd like me to make a video on anything specific make sure to let me know in the comments below!
00:00 Introduction
00:45 How Impersonation Works
02:29 Defender for Office 365
03:18 How to Configure Impersonation in 365
04:36 Enable Users to Protect
05:49 Enable Domains to Protect
06:34 Add Trusted Senders
07:33 Advanced AI Settings
Love how the creativity compliments the security!
Hi Jon,
Thank you so much for uploading this mind blowing video. I really enjoyed and learned a lot. In my office I see lots of spoofed email everyday and we keep on blocking those emails and purge emails from recipients inboxes every single day. Thank you for these setting overview.
Great video Jon !, thank you, it has helped me to increase the security of my company.
Jonathan you are awesome!
Thank you so much for these helpful videos 🙏🙏🙏
Thanks Alan
Hey Jon, your videos are very useful and simple to follow, thank you. With regard to new users, would we then have to go in and manually add them to the policy each time someone joins the org as the policy setting is enabling users and adding them on set up?
Yes, unfortunately you would have to manually add them.
@@bearded365guy Doesn't domain impersonation cover the user ones? Suppose I have user1@abc.be and I don't add him as a user, but have @abc.be, so that should be sufficient?
Thanks for this. Our MD has had a few impersonations done to some of our users. I checked for this setting, but we have business standard, not premium. Will get pricing for the Defender Add-on, or see if we can get 1 premium account if that is allowed.
Good idea.
You missed a key final step. You have to edit the Actions for the anti-spam policy, then configure the action for "If a message is detected as user impersonation".
For initial testing, you can set "Deliver the message and add other addresses to the Bcc line". This will let you monitor false positives (to be added to exceptions list) before you enable it to Quarantine them
See my other video on configuring Defender for 365
Hi Jonathan is this the video to see for the missed final step Learn How to Configure Defender for Office 365 for Maximum Security?
The 2 options of Defender Standard and Strict, are configured the same or in this feature differs?
The strict and standard are kind of automatic ways to configure defender. See my video on configuring defender for 365 uploaded a few months ago!
Jonathan - my configuration shows an option of "Enable Automatic - System-controlled impersonation protection (Recommended). But if this is checked you cannot add users or domains. Further, if I accept their recommended configuration and save it does not green light. Can you clarify this?
You need a licence to use Microsoft Defender for Office 365
Hi Jonathan, I'm an 365 admin and my colleagues are randomly getting those extortion e-mails claiming "we saw you doing x and if you don't pay us BTC we will publish the video" kind of nonsense. The sender always has the recipient's own e-mail address, looking like the person has been sending these scam mails to himself. Is there anything to do block such e-mails?
Sounds like you should be doing help desk and not systems admin 🤣
@ Very helpful reply, much appreciated. Our educational licensing is different from what Jonathan is showing and everyone I asked about this kind of spam mails said it's pretty much impossible to block, hence I asked. I know we can use keyword based filtering and redirect all mails containing the words "BTC" to spam but I was wondering if there is a 'nicer' way to do it.
This sounds like implanting DKIM and DMARC could help here. See my other video on TH-cam on how to implement
How can I ensure that the user sets a strong password and does not use any of their last 5 passwords?
It’s MFA all the way