{"id":19657,"date":"2019-10-08T09:16:09","date_gmt":"2019-10-08T13:16:09","guid":{"rendered":"https:\/\/www.sherweb.com\/blog\/?p=19657"},"modified":"2022-09-02T13:04:47","modified_gmt":"2022-09-02T17:04:47","slug":"microsoft-365-flag-phishing-emails","status":"publish","type":"post","link":"https:\/\/www.sherweb.com\/blog\/security\/microsoft-365-flag-phishing-emails\/","title":{"rendered":"Office Protect, flag phishing emails in Microsoft 365"},"content":{"rendered":"

Phishing may sound like a leisurely activity by the lakeside, but that picturesque scene is far from reality. Hackers and scammers employ phishing to steal your data. All it takes is a single click to grant someone access to your organization’s confidential information. So, do you know how to combat phishing? If not, read on to learn how Office Protect can give you the security you need.<\/p>\n

 <\/p>\n

Learn how Office Protect helps keep your Microsoft 365 tenants safe with our e-book<\/a><\/h3>\n

 <\/p>\n

What is phishing?<\/h2>\n

Like the outdoor activity, phishing involves dangling bait in the hopes of securing a bite\u2014except in this case, the bait is an email, and the bite is a seemingly harmless click on a link or attachment.<\/p>\n

Hackers send fraudulent emails ranging from a \u201cmessage from the CEO\u201d to \u201cpictures of the kids today\u201d from your significant other, or even an urgent meeting request from your boss. Would you think twice about clicking on those after reading the subject lines?<\/p>\n

The dangers of attachments<\/h3>\n

You may think that merely opening an email couldn’t possibly cause that much damage or even allow hackers to profit. And in some ways, you’re right\u2014just clicking on the dangerous email usually does not cause harm. Rather, the danger is in the form of attachments. Generally, the bait in phishing emails involves some sort of enticement to open an attachment, like the aforementioned meeting request, a letter from the CEO, or pictures from home. Once the attachment is downloaded, any form of malware could infiltrate your company’s network.<\/p>\n

This malware could be ransomware, a Trojan horse, a keylogger, or any sort of virus designed to either gain valuable information from your company or do you harm. Hackers can either exploit that information themselves or sell it to the highest bidder. In the case of ransomware, they can even lock you out of your own systems until you pay up.<\/p>\n

 <\/p>\n

How big of a problem is phishing?<\/h2>\n

If you haven’t been a victim of phishing or haven’t fallen for those emails, you may be inclined to dismiss this type of attack as trivial or a rare occurrence. In fact, a recent report by Microsoft<\/a> shows that phishing has grown by over 250% with no sign of slowing down.<\/p>\n

The art of successful phishing email<\/h3>\n

You may even think that your employees are invulnerable to phishing attempts. After all, why would any reasonable person ever open such an attachment? It would have to be obvious that it’s fake, right?<\/p>\n

This is actually not the case at all. Phishing emails are generally disguised very well\u201441% of phishing domains include just one character swap<\/a>, and senders can easily set the \u201cname\u201d of the from line to basically be anything they want.<\/p>\n

When you look at it through this lens, it’s easier to see how an otherwise distracted recipient, or even a careful one, could overlook those details and introduce malware into your network. Statistics suggest that this is true\u2014at least 30% of phishing emails are opened<\/a>.<\/p>\n

Problems for resellers and MSPs<\/h3>\n

If you are a reseller or managed service provider (MSP), you may be well aware of the dangers of phishing. Even so, you may still struggle to educate your clients about it. You obviously want to do more because your clients’ risk is your risk, too. If a client on one of your shared servers introduces malware into that network, it\u2019s not just their information on the line\u2014it\u2019s yours and every other client’s as well.<\/p>\n

This risk also applies to your employees.\u00a0An employee who introduces malware into your system could be compromising not only your own information but also your clients’, so you must be especially vigilant. One wrong move could destroy your reputation.<\/p>\n

So what can you do besides offering training that the client may or may not even take, or whose information they may end up disregarding in the end? Fortunately for everyone\u2014small businesses, resellers, and managed service providers alike\u2014Office Protect has a solution to help.<\/p>\n

 <\/p>\n

Flagging phishing email using tenant domain or staff name<\/h2>\n

Office Protect has a setting that will flag phishing emails that use a tenant domain or staff name. What does that mean? Basically, Office Protect will detect any emails sent from outside the organization that are using a staff member name or your own domain name in the sender field of the email.<\/p>\n

When Office Protect detects these emails, it will not stop them from being delivered, but it will flag them with a message to alert the user of potentially suspicious activity:<\/p>\n

\u201cThis email was sent from outside your organization, yet is displaying the name of someone from your organization. This often happens in phishing attempts. Please only interact with this email if you know its source and that the content is safe.\u201d<\/em><\/p>\n

When a user sees this, they’ll approach the email with more caution or even immediately flag it as spam.<\/p>\n

It’s still possible that some internal systems, like ticket trackers, may trigger this message. But if that is not the case, the recipient should delete the email immediately without interacting with it.<\/p>\n

 <\/p>\n

How to enable: Flag phishing email<\/h2>\n

So how do you enable this setting? Simply go into your Office Protect<\/a> dashboard and access the settings. You will then see a toggle menu to turn on the setting, as well as its security impact (medium) and user impact (low).<\/p>\n

Want to use Office Protect or offer it to your clients? Contact us<\/a> today to learn more about our available options.<\/p>\n","protected":false},"excerpt":{"rendered":"

Phishing may sound like a leisurely activity by the lakeside, but that picturesque scene is far f","protected":false},"author":177,"featured_media":19658,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[753],"tags":[826,919],"class_list":["post-19657","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-office-protect","tag-cybersecurity"],"yoast_head":"\nOffice Protect, flag phishing emails in Microsoft 365 | Sherweb<\/title>\n<meta name=\"description\" content=\"Phishing emails originating from your company or using your user's names is never something you want. what if there was a way to flag and prevent this?\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.sherweb.com\/blog\/security\/microsoft-365-flag-phishing-emails\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Office Protect, flag phishing emails in Microsoft 365 | Sherweb\" \/>\n<meta property=\"og:description\" content=\"Phishing emails originating from your company or using your user's names is never something you want. what if there was a way to flag and prevent this?\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.sherweb.com\/blog\/security\/microsoft-365-flag-phishing-emails\/\" \/>\n<meta property=\"og:site_name\" content=\"Sherweb\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Sherweb\" \/>\n<meta property=\"article:published_time\" content=\"2019-10-08T13:16:09+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-09-02T17:04:47+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.sherweb.com\/blog\/wp-content\/uploads\/blogHero-FlagPhishingEmails.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"460\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"The Sherweb Team\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@SherWeb\" \/>\n<meta name=\"twitter:site\" content=\"@SherWeb\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"The Sherweb Team\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/microsoft-365-flag-phishing-emails\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/microsoft-365-flag-phishing-emails\\\/\"},\"author\":{\"name\":\"The Sherweb Team\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#\\\/schema\\\/person\\\/42a19dccace310904575a5656cc20976\"},\"headline\":\"Office Protect, flag phishing emails in Microsoft 365\",\"datePublished\":\"2019-10-08T13:16:09+00:00\",\"dateModified\":\"2022-09-02T17:04:47+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/microsoft-365-flag-phishing-emails\\\/\"},\"wordCount\":943,\"commentCount\":4,\"image\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/microsoft-365-flag-phishing-emails\\\/#primaryimage\"},\"thumbnailUrl\":\"\\\/blog\\\/wp-content\\\/uploads\\\/blogHero-FlagPhishingEmails.png\",\"keywords\":[\"Office Protect\",\"Cybersecurity\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/microsoft-365-flag-phishing-emails\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/microsoft-365-flag-phishing-emails\\\/\",\"url\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/microsoft-365-flag-phishing-emails\\\/\",\"name\":\"Office Protect, flag phishing emails in Microsoft 365 | Sherweb\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/microsoft-365-flag-phishing-emails\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/microsoft-365-flag-phishing-emails\\\/#primaryimage\"},\"thumbnailUrl\":\"\\\/blog\\\/wp-content\\\/uploads\\\/blogHero-FlagPhishingEmails.png\",\"datePublished\":\"2019-10-08T13:16:09+00:00\",\"dateModified\":\"2022-09-02T17:04:47+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#\\\/schema\\\/person\\\/42a19dccace310904575a5656cc20976\"},\"description\":\"Phishing emails originating from your company or using your user's names is never something you want. what if there was a way to flag and prevent this?\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/microsoft-365-flag-phishing-emails\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/microsoft-365-flag-phishing-emails\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/microsoft-365-flag-phishing-emails\\\/#primaryimage\",\"url\":\"\\\/blog\\\/wp-content\\\/uploads\\\/blogHero-FlagPhishingEmails.png\",\"contentUrl\":\"\\\/blog\\\/wp-content\\\/uploads\\\/blogHero-FlagPhishingEmails.png\",\"width\":1200,\"height\":460,\"caption\":\"Flag Phishing Emails\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/microsoft-365-flag-phishing-emails\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/category\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Office Protect, flag phishing emails in Microsoft 365\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/\",\"name\":\"Sherweb\",\"description\":\"More than a cloud marketplace\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#\\\/schema\\\/person\\\/42a19dccace310904575a5656cc20976\",\"name\":\"The Sherweb Team\",\"url\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/author\\\/the-sherweb-team\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Office Protect, flag phishing emails in Microsoft 365 | Sherweb","description":"Phishing emails originating from your company or using your user's names is never something you want. what if there was a way to flag and prevent this?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.sherweb.com\/blog\/security\/microsoft-365-flag-phishing-emails\/","og_locale":"en_US","og_type":"article","og_title":"Office Protect, flag phishing emails in Microsoft 365 | Sherweb","og_description":"Phishing emails originating from your company or using your user's names is never something you want. what if there was a way to flag and prevent this?","og_url":"https:\/\/www.sherweb.com\/blog\/security\/microsoft-365-flag-phishing-emails\/","og_site_name":"Sherweb","article_publisher":"https:\/\/www.facebook.com\/Sherweb","article_published_time":"2019-10-08T13:16:09+00:00","article_modified_time":"2022-09-02T17:04:47+00:00","og_image":[{"width":1200,"height":460,"url":"https:\/\/www.sherweb.com\/blog\/wp-content\/uploads\/blogHero-FlagPhishingEmails.png","type":"image\/png"}],"author":"The Sherweb Team","twitter_card":"summary_large_image","twitter_creator":"@SherWeb","twitter_site":"@SherWeb","twitter_misc":{"Written by":"The Sherweb Team","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.sherweb.com\/blog\/security\/microsoft-365-flag-phishing-emails\/#article","isPartOf":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/microsoft-365-flag-phishing-emails\/"},"author":{"name":"The Sherweb Team","@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/42a19dccace310904575a5656cc20976"},"headline":"Office Protect, flag phishing emails in Microsoft 365","datePublished":"2019-10-08T13:16:09+00:00","dateModified":"2022-09-02T17:04:47+00:00","mainEntityOfPage":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/microsoft-365-flag-phishing-emails\/"},"wordCount":943,"commentCount":4,"image":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/microsoft-365-flag-phishing-emails\/#primaryimage"},"thumbnailUrl":"\/blog\/wp-content\/uploads\/blogHero-FlagPhishingEmails.png","keywords":["Office Protect","Cybersecurity"],"articleSection":["Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.sherweb.com\/blog\/security\/microsoft-365-flag-phishing-emails\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.sherweb.com\/blog\/security\/microsoft-365-flag-phishing-emails\/","url":"https:\/\/www.sherweb.com\/blog\/security\/microsoft-365-flag-phishing-emails\/","name":"Office Protect, flag phishing emails in Microsoft 365 | Sherweb","isPartOf":{"@id":"https:\/\/www.sherweb.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/microsoft-365-flag-phishing-emails\/#primaryimage"},"image":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/microsoft-365-flag-phishing-emails\/#primaryimage"},"thumbnailUrl":"\/blog\/wp-content\/uploads\/blogHero-FlagPhishingEmails.png","datePublished":"2019-10-08T13:16:09+00:00","dateModified":"2022-09-02T17:04:47+00:00","author":{"@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/42a19dccace310904575a5656cc20976"},"description":"Phishing emails originating from your company or using your user's names is never something you want. what if there was a way to flag and prevent this?","breadcrumb":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/microsoft-365-flag-phishing-emails\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.sherweb.com\/blog\/security\/microsoft-365-flag-phishing-emails\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.sherweb.com\/blog\/security\/microsoft-365-flag-phishing-emails\/#primaryimage","url":"\/blog\/wp-content\/uploads\/blogHero-FlagPhishingEmails.png","contentUrl":"\/blog\/wp-content\/uploads\/blogHero-FlagPhishingEmails.png","width":1200,"height":460,"caption":"Flag Phishing Emails"},{"@type":"BreadcrumbList","@id":"https:\/\/www.sherweb.com\/blog\/security\/microsoft-365-flag-phishing-emails\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.sherweb.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.sherweb.com\/blog\/category\/security\/"},{"@type":"ListItem","position":3,"name":"Office Protect, flag phishing emails in Microsoft 365"}]},{"@type":"WebSite","@id":"https:\/\/www.sherweb.com\/blog\/#website","url":"https:\/\/www.sherweb.com\/blog\/","name":"Sherweb","description":"More than a cloud marketplace","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.sherweb.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/42a19dccace310904575a5656cc20976","name":"The Sherweb Team","url":"https:\/\/www.sherweb.com\/blog\/author\/the-sherweb-team\/"}]}},"tag_names":["Office Protect","Cybersecurity"],"_links":{"self":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/19657","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/users\/177"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/comments?post=19657"}],"version-history":[{"count":12,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/19657\/revisions"}],"predecessor-version":[{"id":23864,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/19657\/revisions\/23864"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/media\/19658"}],"wp:attachment":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/media?parent=19657"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/categories?post=19657"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/tags?post=19657"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}