Block [email protected] phishing attempt in Office 365

A phishing attempt is spreading very quickly online. It is an email that looks very legit sharing a google doc. It usually comes from a trusted source since it is spreading via Gmail’s contact list. I even got hit with one at work.?I wasn’t expecting any shared google docs so it raised my eyebrows and I did some quick searching online.

https://motherboard.vice.com/en_us/article/massive-gmail-google-doc-phishing-emailI then warned all my users and setup a rule in Office 365 to block it.

  1. Login to https://portal.office.com
  2. Admin Centers –> Exchange
  3. Mail Flow —> Rules
  4. + –> Create New Rule
  5. Apply the rule if the recipient is [email protected]
  6. Do the following: delete the message

I went a little further and add some more rules for extra insurance. I’m deleting anything from or to?mailinator.com. My users have no need for that service. I also searched message trace for any other messages that came in so I could warn those users directly. Fortunately we only received one.

More info on reddit.

New Google Docs phishing scam, almost undetectable from google

Leave a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

2 Trackbacks