No matter how hard your organization tries to protect employees and its customers, it is possible for determined individuals to find a way to bypass built-in security protections and steal your account credentials.
Here are two examples of phishing emails used for this:
- You receive an email notifying you that you have late tasks in Planner.
- You receive an email containing a link to a SharePoint document, which looks similar to a standard SharePoint invitation.
If you click on the link, a fake portal.office.com login page will appear.
What to do if your Office 365 account was hacked?
- contact your IT support immediately
- reset your password
- remove mailbox delegates
- disable mail forwarding rules
- remove the global mail forwarding property
- enable multi-factor authentication
- set a complex password
- enable mailbox auditing
- deliver audit logs to the admin for review
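The mailbox-side steps of this checklist can be run from Exchange Online PowerShell. The script below is an added example, not part of the original article: it assumes the ExchangeOnlineManagement module, an Exchange admin role, a placeholder address in $User, and a 14-day audit window chosen for illustration. Password reset and multi-factor authentication are handled in the admin portal and are not covered here.

```powershell
# Added example: mailbox containment for one account, following the checklist above.
# $User is a placeholder; replace it with the affected account.
$User = 'user@example.com'

Connect-ExchangeOnline

# Disable mail forwarding rules: list inbox rules that forward, redirect
# or delete mail, show them for the record, then disable them.
$rules = Get-InboxRule -Mailbox $User | Where-Object {
    $_.ForwardTo -or $_.ForwardAsAttachmentTo -or $_.RedirectTo -or $_.DeleteMessage
}
$rules | Format-List Name, Enabled, ForwardTo, ForwardAsAttachmentTo, RedirectTo, DeleteMessage
$rules | ForEach-Object { Disable-InboxRule -Identity $_.Identity -Confirm:$false }

# Remove the global mail forwarding property set on the mailbox itself.
Get-Mailbox -Identity $User |
    Format-List ForwardingAddress, ForwardingSmtpAddress, DeliverToMailboxAndForward
Set-Mailbox -Identity $User -ForwardingAddress $null -ForwardingSmtpAddress $null `
    -DeliverToMailboxAndForward $false

# Remove mailbox delegates: explicit (non-inherited) permissions other than
# the owner's own SELF entry. Review the table before running the removal,
# because a legitimate delegate will be removed as well.
$delegates = Get-MailboxPermission -Identity $User | Where-Object {
    -not $_.IsInherited -and "$($_.User)" -ne 'NT AUTHORITY\SELF'
}
$delegates | Format-Table User, AccessRights
foreach ($d in $delegates) {
    Remove-MailboxPermission -Identity $User -User "$($d.User)" `
        -AccessRights $d.AccessRights -Confirm:$false
}

# Enable mailbox auditing.
Set-Mailbox -Identity $User -AuditEnabled $true

# Deliver audit logs to the admin: export recent records for this user.
# The 14-day window is an assumption; widen it to cover the suspected
# compromise period.
Search-UnifiedAuditLog -StartDate (Get-Date).AddDays(-14) -EndDate (Get-Date) `
    -UserIds $User -ResultSize 5000 |
    Select-Object CreationDate, Operations, AuditData |
    Export-Csv -Path .\audit-review.csv -NoTypeInformation
```

Keep the rule and delegate listings printed by the script with the incident record, since they show what the attacker configured before it was removed.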
Follow these steps to prevent phishing attacks
- Educate your colleagues about the dangers and the warning signs of phishing attacks.
- Do not click on a suspicious link from unknown email addresses/senders.
- Do not input your Office 365 account credentials into suspicious forms, or when a connection to a website is not secure.
- Always try to use two-factor authentication.
- Purchase and enable Advanced Threat Protection.
Use Advanced Threat Protection from the Security & Compliance Center
Advanced Threat Protection uses a set of machine learning models and detection algorithms that can mitigate a very high percentage of phishing attacks. It is included in the Office 365 E5 plan, and you can also purchase it as an add-on to your existing plan.