Dear Valued Customers, Welcome to the latest edition of our Microsoft 365 Security and Compliance Update. As part of our ongoing commitment to transparency, we are excited to share our recent enhancements and activities to ensure your Microsoft 365 tenants remain secure and compliant. In these updates, we delve into the continuous improvements and proactive measures we’ve implemented across our suite of services. Our goal is to provide you with insights into the tireless work our teams perform behind the scenes to safeguard your data and uphold the highest compliance standards. Stay tuned as we explore these updates in detail, and as always, we appreciate your trust in Microsoft 365 as your secure and compliant productivity solution. Best Regards, Microsoft Defender for Office 365 significantly bolsters anti-phishing capabilities beyond what’s offered by Exchange Online Protection. It employs advanced AI and machine learning algorithms to analyze mailbox behavior, providing a more nuanced and effective defense against phishing attacks. Its robust impersonation protection features and advanced phishing thresholds offer superior protection against sophisticated attacks. This makes it a more powerful, all-encompassing solution for safeguarding against emerging phishing threats. Impersonation is when the sender of an email message looks similar to a real or expected sender’s email address. Attackers often use impersonated sender email addresses in phishing or other attacks to gain the recipient’s trust. There are two basic types of impersonation: Domain impersonation: Contains subtle differences in the domain. For example, lila@ćóntoso.com impersonates lila@contoso.com. User impersonation: Contains subtle differences in the email alias. For example, rnichell@contoso.com impersonates michelle@contoso.com. Domain impersonation differs from domain spoofing because the impersonated domain is often a real, registered domain, but with the intent to deceive. Messages from senders in the impersonated domain can pass regular email authentication checks that would otherwise identify the messages as spoofing attempts (SPF, DKIM, and DMARC). There are 3 steps to enabling Impersonation Protection. It is included at no charge in M365 Security and Compliance Plan 1 and Plan 2. The feature is available immediately. Log a call with support@globalmicro.co.za and provide them with the information listed in the three steps above. For more information about our products and services, send us your details and one of our agents will reach out to you.
The Global Micro Solutions Microsoft 365 Security and Compliance TeamMarch 2024 – Impersonation Protection in Defender for Office 365
Background
How do threat actors trick users with impersonation?
How do you prepare for Impersonation Protection?
Is there a cost to enabling this capability?
When will this change be rolled out to your Microsoft Tenant?
Contact Us