Phishing Emails and Office 365

Jay HineSecurityLeave a Comment

What are phishing emails?

Phishing emails are sent to trick you into divulging a password of some kind or other personal details. Some estimates claim the number of fake emails sent each day is now in the billions. During these long periods of working from home due to Covid, many workers are unable to quickly ask a colleague if they think an email they just received is dodgy.

Office 365 is a big target for phishing

You could receive an email pretending to be from Microsoft claiming your password is about to expire. It would include a link to follow and reset it. Alternatively, it may tell you there is a voicemail or message waiting for you and you need to follow a link to access it.

In both scenarios you will be then asked to confirm your existing password. If you do you have potentially given a third-party access to your Office 365 email account.

These people can then discretely monitor all your email traffic. When they spot something useful, they can then intercept it. If, for example you are discussing payment with a supplier, they can divert the emails and even send their own that appear to come from you.  Your supplier will have no way to know this is not legitimate correspondence from you.

Tips to protect yourself and your clients from these emails:

  1. Companies such as Microsoft will never ask you to reset your password via a link sent in an unsolicited email.
  2. If you receive an email from a regular client or supplier asking you to change their bank details, phone them and check. Don’t use the number in the email, check their website for the number if you don’t already have it.
  3. Never click a link within an email you are not sure is legitimate.
  4. If in doubt don’t open the email and never open any attachments.
  5. Have the preview screen available within Outlook so you can see the content without opening the email.

Third-party add-ons can help

Within Office 365 there are certain options you can enable and use which help to protect against these emails arriving. The problem is that if these options are too strict, it's possible to miss legitimate emails. They could be end up in spam or even quarantined.

In addition to the built-in Office 365 options there are add-ons available to scan emails before they arrive in your mailbox and again when it leaves. These are very effective for protection against phishing, spam emails, and malware/viruses.

Sadly, these emails will occasionally slip through these automated nets, and the only thing that can stop them is users being careful, vigilant, and employing common sense.

If in doubt, call our office on 01293 562 700 or email

About the Author

A picture of Jay Hine, the author of this blog

Jay Hine

IT Director

As a Director of Optima Systems Ltd Jay is responsible for overseeing Sales and Marketing, Human Resources, Customer Relations and Account Management. In addition, Jay is responsible for the design, development, efficiency and smooth running of the IT Networks of our clients, as well as our own technical infrastructure. More about Jay.

More from Jay

Other Posts