Office 365 will help admins find impersonation attack targets

Microsoft has revealed its plans to provide security and IT administrators using Defender for Office 365 with new filters that could find out which users and domains within their organizations were prone to impersonation attacks, according to BleepingComputer. Impersonation attacks take the form of email messages that closely resemble authentic users or domains to deceive targets into opening the emails. The new filters, called impersonated user and impersonated domain, enhance already existing measures in Defender for Office 365 for detecting impersonation attempts by allowing admins to specifically seek out users or domains that have been the targets of impersonation attacks. Security admins will find the new filters through the Impersonation insight pages and on a newly added Email Entity page. The new features are still works-in-progress, but Microsoft said during the reveal of its Microsoft 365 roadmap that they should be available to the public by the end of the month.