GOffice has been receiving Phishing emails from reputable domains
Hi yāall! Iāve gotten two tickets so far from users receiving emails that look suspiciously like phishing, but the addresses look legitimate. One of them ends in @zoomus (a real domain owned by Zoom) and the other @microsoftonline.com (also owned by Microsoft) but both emails are directed towards people that neither user have ever been in communication with.
Any advice on how to further look into these messages and how to educate users on spotting them in the future?
UPDATE: both users HAVE been encouraged to delete the message or already have. We have a spam filter system but Iām not quite sure if I should be blocking these addresses since they COULD be used for legitimate purposes in the future.
Any advice on how to further look into these messages and how to educate users on spotting them in the future?
UPDATE: both users HAVE been encouraged to delete the message or already have. We have a spam filter system but Iām not quite sure if I should be blocking these addresses since they COULD be used for legitimate purposes in the future.
Solution
I'd nuke anything that doesn't come from their outlined addresses for the meantime, unless there is potential for operation impact, quick way to address the zoom domain at least momentarily.
At Cyber Info, we strive to empower every individual with easy access to cybersecurity education
179,925Members
Resources
Recent Announcements
Similar Threads
Was this page helpful?
