In recent weeks, I have noticed a significant uptick in the use of “.onmicrosoft.com” domains for phishing attempts. It seems that the attackers have been setting up multiple trial Microsoft 365 accounts, automatically activating Exchange Online. They are exploiting this as a temporary method to send out phishing emails. At one point, I observed nearly […]
In many organizations, the practice of utilizing a local SMTP server integrated with Exchange Online remains quite common.Depending on the SMTP service used, you have different possibilities to both secure the usage of the smtp server and getting insights from the usage. One crucial area often overlooked is the monitoring of unusual spikes in outbound […]
Microsoft 365 Security blog by Pontus Själander