Threat Management

Office 365 will help admins find impersonation attack targets

Microsoft has revealed its plans to provide security and IT administrators using Defender for Office 365 with new filters that could find out which users and domains within their organizations were prone to impersonation attacks, according to BleepingComputer. Impersonation attacks take the form of email messages that closely resemble authentic users or domains to deceive targets into opening the emails. The new filters, called impersonated user and impersonated domain, enhance already existing measures in Defender for Office 365 for detecting impersonation attempts by allowing admins to specifically seek out users or domains that have been the targets of impersonation attacks. Security admins will find the new filters through the Impersonation insight pages and on a newly added Email Entity page. The new features are still works-in-progress, but Microsoft said during the reveal of its Microsoft 365 roadmap that they should be available to the public by the end of the month.
Jill Aitoro

Jill Aitoro leads editorial for SC Media, and content strategy for parent company CyberRisk Alliance. She 20 years of experience editing and reporting on technology, business and policy.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.