Report spoof E-mail and send E-mail for Inspection In Office 365|Part 12#12 5/5 (1)

In the current article, we will review two subjects that relate to a scenario in which organization experiences a Spoof E-mail attack: Report the Spoof E-mail as “Phishing mail”. Sent the Spoof E-mail for further analysis. Report Spoof E-mail as “Phishing mail” I try to get additional information regarding the subject of “what happens behind…

How to Simulate E-mail Spoof Attack |Part 11#12 5/5 (3)

In the current article, we will demonstrate three options for accomplishing the task of simulating E-mail spoof attack. Our primary goal is performing a test, in which verify if the Exchange Online Spoof E-mail rule that we have created is manage to identify an event of Spoof E-mail and respond accordingly. Disclaimer It is important…

How to simulate E-mail Spoof Attack |Part 10#12 5/5 (1)

When we hear the term “spoof E-mail attack,” the initial association that appears to our mind is – a hacker sitting in a dark room, filled with flashing lights, which quickly tap the keyboard commands and strange markings! Sound romantic? Well, in reality, the ability to perform or simulate E-mail spoof attack is very simple…

Analyzing the results of the Exchange spoof E-mail rule |Part 9#12 5/5 (1)

In the current article, we will review the options that are available for analyzing the result of the Exchange Online Spoof E-mail rule that we have created. The term “analyze” relate to our ability to answer fundamental questions such as: How many times the Exchange Online rule that we have created was “triggered”? What is…

Detect spoof E-mail and send the spoof E-mail to — USER quarantine using Exchange Online rule |Part 8#12 5/5 (2)

In the current article, we will review how to deal with Spoof E-mail scenario in an Office 365 environment, by creating an Exchange Online rule that will identify Spoofed E-mail (spoof sender) and as a response – “route” this E-mail to the Exchange Online user quarantine. In our scenario, we don’t want to enable the…

Detect spoof E-mail and send the spoof E-mail to Administrative Quarantine using Exchange Online rule |Part 7#12 5/5 (2)

In the current article, we will review how to deal with Spoof E-mail scenario in an Office 365 environment, by creating an Exchange Online rule that will identify Spoofed E-mail (spoof sender) and as a response – “route” this E-mail to the Exchange Online administrative quarantine. In our particular scenario, we don’t want to enable…

Detect spoof E-mail and add disclaimer using Exchange Online rule |Part 6#12 5/5 (2)

In the current article, we will review how to deal with Spoof mail by creating an Exchange rule that will identify incoming Spoof E-mail (spoofed sender). In such scenario, we would like to implement the following sequence of actions: Add a disclaimer to the E-mail message. Prepend the E-mail subject. Generate + send an incident…

Detect spoof E-mail and delete the spoof E-mail using Exchange Online rule | Part 5#12 5/5 (1)

In the current article, we will review how to deal with Spoof mail by creating an Exchange rule that will identify incoming Spoof E-mail (spoofed sender). In such scenario, we would like to implement the following sequence of actions: Delete (reject) the E-mail . Generate + send an incident report to a designated recipient. In…

Detect spoof E-mail and mark the E-mail as spam using Exchange Online rule | Part 4#12 5/5 (1)

In the current article, we will review how to deal with Spoof mail by creating an Exchange rule that will identify incoming Spoof E-mail (spoofed sender). In such scenario, we would like to implement the following sequence of actions: Mark the E-mail as spam by setting the SCL (spam confidence level) value to 5. Generate…

Configuring exceptions for the Exchange Online Spoof E-mail rule | Part 3#12 5/5 (1)

In this article, we will review the subject of – “how to create an Exchange Online rule exception. As the name implies, the “exceptions” part of the Exchange rule was created to prevent the execution of the Exchange Online rule in a specific scenario. In the current article, we will continue to use the scenario…

Detect spoof E-mail and send an incident report using Exchange Online rule (Learning mode) |Part 2#12 5/5 (1)

In the current article, we will review how to deal with Spoof E-mail scenario in an Office 365 environment, by creating an Exchange Online rule that will identify Spoofed E-mail (spoof sender) and as a response, will generate and send an incident report to a designated recipient. In our scenario, we want to use the…

Dealing with an E-mail Spoof Attack in Office 365 based environment | Introduction | Part 1#12 5/5 (2)

An organization IT manager call to Office 365 supports, worried and upset, declaring that he is very disappointed about the fact that “Office 365” allow the occurrence of a spoofed E-mail attack! Besides of the urgent need for understanding, how could this happened; the additional urgent need is – to implement some security mechanism, that…