Threat Management

Office 365 will help admins find impersonation attack targets

Microsoft has revealed its plans to provide security and IT administrators using Defender for Office 365 with new filters that could find out which users and domains within their organizations were prone to impersonation attacks, according to BleepingComputer. Impersonation attacks take the form of email messages that closely resemble authentic users or domains to deceive targets into opening the emails. The new filters, called impersonated user and impersonated domain, enhance already existing measures in Defender for Office 365 for detecting impersonation attempts by allowing admins to specifically seek out users or domains that have been the targets of impersonation attacks. Security admins will find the new filters through the Impersonation insight pages and on a newly added Email Entity page. The new features are still works-in-progress, but Microsoft said during the reveal of its Microsoft 365 roadmap that they should be available to the public by the end of the month.
Jill Aitoro

Jill Aitoro is senior vice president of content strategy for CyberRisk Alliance. She has more than 20 years of experience editing and reporting on technology, business and policy. Prior to joining CRA, she worked at Sightline Media as editor of Defense News and executive editor of the Business-to-Government Group. She previously worked at Washington Business Journal and Nextgov, covering federal technology, contracting and policy, as well as CMP Media’s VARBusiness and CRN and Penton Media’s iSeries News.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.