Top

Report spoof E-mail and send E-mail for Inspection In Office 365|Part 12#12 5/5 (1) 4 min read

Report spoof E-mail and send E-mail for Inspection In Office 365|Part 12#124 min read

In the current article, we will review two subjects that relate to a scenario in which organization experiences a Spoof E-mail attack:

  1. Report the Spoof E-mail as “Phishing mail”.
  2. Sent the Spoof E-mail for further analysis.

Report Spoof E-mail as “Phishing mail”

I try to get additional information regarding the subject of “what happens behind the scenes” when using the option of – reporting E-mail message as phishing in Office 365 environment but, I could not find information about the exact process that implemented.

Despite this lack of information, in a scenario of phishing E-mail message, the best practice is to use the option of “reporting”.

Send the Spoof E-mail for further analysis

In a scenario in which we want to forward the “Spoof E-mail message” to a technical person or team, that will be able to analyze the E-mail message, the most common mistake is to copy and paste the content of the “Spoof E-mail message” or send a screenshot to the technical person that will need to analyze the information.

In such a scenario, there are two important issues that we need to know about:

  1. Send the “Spoof E-mail message” as a mail item – the meaning is that we need to have all the data that include in the “Spoof E-mail message”, the content, the email headers and so on.
  2. When sending an E-mail as an attachment, there is a reasonable chance that the destination mail servers which “accept” the E-mail will change \update some fields in the E-mail header.

For this reason, when we sent an email message for further analysis, it’s important to “zip” the E-mail message.

Report a Spoof E-mail as “Phishing mail” in Office 365

At the current time, to the option of reporting about a Spoof E-mail or a “Phishing mail” is available for Office 365 customers and only one using the OWA mail client.

Technically speaking, the Spoof E-mail” is different from the formal definition of Phishing mail, but for our purpose, we will not go into a detailed description and relate to Spoof E-mail as a Phishing mail.

The process of reporting a particular E-mail as a “Spoof E-mail” is very simple.

All you need to do is to select the appropriate E-mail message, click on the small black arrow
on the not junk menu

Report E-mail as Spoof E-mail – Office 365 -01

And choose the menu Phishing

Report E-mail as Spoof E-mail – Office 365 -02

Send a spoofed E-mail for further analysis

In the following section, we will review the steps that need to be implemented in a scenario in which we want to forward a particular E-mail message to further analysis.

  • Choose the specific E-mail message that you want to send for further analysis.

Sent Spoof E-mail message for further process of analysis -01

  • Open the E-mail message and choose the File menu

Sent Spoof E-mail message for further process of analysis -02

  • Select the Save As menu

Sent Spoof E-mail message for further process of analysis -03

  • Save the E-mail message in a particular path that you choose.

Sent Spoof E-mail message for further process of analysis -04

The E-mail message will be saved by using the MSG file format.

Use your preferred file compression software that you like.
In our particular scenario, we use the built-in zip option for zipping the E-mail message.

Right click on the E-mail message and choose the menu – Send to and on the submenu Compressed (zipped) folder.

Sent Spoof E-mail message for further process of analysis -05

Create a new E-mail message and the ZIP file (the compressed E-mail message) as an attachment.

Sent Spoof E-mail message for further process of analysis -06

In the following screenshot, we can see the E-mail message with the zip attachment.

Sent Spoof E-mail message for further process of analysis -07

Dealing with spoof E-mail – Office 365 | Article series index

Now it’s Your Turn!
It is important for us to know your opinion on this article

Summary
Report spoof E-mail and send E-mail for Inspection In Office 365|Part 12#12
Article Name
Report spoof E-mail and send E-mail for Inspection In Office 365|Part 12#12
Description
In the current article, we will review two subjects that relate to a scenario in which organization experiences a Spoof E-mail attack: Report the Spoof E-mail as “Phishing mail”. Sent the Spoof E-mail for further analysis.
Author
Publisher Name
o365info.com
Publisher Logo

Please rate this

[email protected]

Share your knowledge. It’s a way to achieve immortality. Dalai Lama

No Comments

Post a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Read previous post:
How to Simulate E-mail Spoof Attack |Part 11#12

In the current article, we will demonstrate three options for accomplishing the task of simulating E-mail spoof attack. Our primary...

Close