Block [email protected] phishing attempt in Office 365

A phishing attempt is spreading very quickly online. It is an email that looks very legit sharing a google doc. It usually comes from a trusted source since it is spreading via Gmail’s contact list. I even got hit with one at work.?I wasn’t expecting any shared google docs so it raised my eyebrows and I did some quick searching online. then warned all my users and setup a rule in Office 365 to block it.

  1. Login to
  2. Admin Centers –> Exchange
  3. Mail Flow —> Rules
  4. + –> Create New Rule
  5. Apply the rule if the recipient is [email protected]
  6. Do the following: delete the message

I went a little further and add some more rules for extra insurance. I’m deleting anything from or to? My users have no need for that service. I also searched message trace for any other messages that came in so I could warn those users directly. Fortunately we only received one.

More info on reddit.

New Google Docs phishing scam, almost undetectable from google


 Add your comment
  1. Have you thought about incorporating an information sharing clearinghouse such as Phishtank?

    Get list of reported phishes -> if phish is verified -> create rule in Outlook -> push rule to all users

Leave a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.