How To Open Email Template In Office365

E-mail is a valuable communication tool that helps to attain people globally. So, hackers are increasingly targeting emails for their Phishing attacks. Phishing attacks are not new, merely hackers use new phishing techniques  that are challenging and hard to trace. Generally, phishing attacks used to steal sensitive information.

E-mail spoofing  is 1 of the phishing attacks where the sender looks legitimate at first sight but not. For example, A new phishing attempt targeted on Office 365 users  – Here, the sender shows himself as a 'Company Director' simply, actually not.

How to Prevent Email Spoofing in Office 365?

To prevent email spoofing, first, we need to observe the source of the scammers. Generally, it can be categorized as follows.

1. Spoofing email from a trusted domain or same as a user domain
2. Spoofing e-mail from known user name with an external domain

Spoofing email from trusted domains: Some times, spoofed emails look like originated from trusted domains or the same equally your domain but not. Spammers can hands spoof the 'From' address. And then, the user in 'contoso. com' can receive emails from the attacker with xyz@contoso.com header. To prevent these kinds of spoofing, you lot tin can configure DKIM (DomainKeys Identified Mail), SPF(Sender Policy Framework), etc.

Spoofing email from the external domains: In some other cases, attackers will annals a domain for a visitor which they are impersonating. For case, 'conteso. com' instead of 'contoso. com'. Since the mail service originated from valid domain, DKIM can't place the spam email. As a security precaution, it's good to alert your organisation members when they receive mail from an external source.

To prevent email name spoofing, y'all can warning users by adopting few post-obit methods.

1. Prepend "External" to subject line for incoming external emails
2. External sender warning/disclaimer

You lot tin can employ the Exchange Transport dominion to marking external emails.

Configure External Email Warning bulletin for Office 365 Emails:

Yous tin use the below methods to add warning message to emails that are originating from exterior of your system .

ane.Configure external electronic mail alert through Transport rule

• Set an External Email alert message through PowerShell
• Configure External Sender warning message through Exchange Admin Middle (EAC)

2.Enable External tagging using native cmdlet

PowerShell Script to prepare External E-mail Warning Bulletin:

The Commutation transport rule can be created using the ' New- TransportRule ' cmdlet. While creating the rule, we can specify atmospheric condition, exemptions, and deportment.

To configure a mail menses dominion for external email messages, nosotros need to set the following weather condition.

       – Sender is located outside the organization

       – Receiver is located inside the organisation

I have created a PowerShell script to set a mail flow rule for external postal service. The script creates the mail service-menstruum rule that adds 'External' to the field of study line and external warning message in the postal service for incoming external emails. You will be alerted like a screenshot below.

Script Highlights:

• This script tin can be executed with MFA  enabled account as well.
• Prepends " External " to subject line for incoming external emails
• Adds " External Disclaimer " for external emails
• You can exclude group mailboxes  like support, sales that facing external globe.

Download Script: ExternalWarningRule.ps1

How to Execute the External alert message script:

Afterward downloading script, execute the script every bit follows based on your need:

To add alert to all external mails:

If you want to add external warning message to all incoming emails that originated from outside of the organisation, execute the script as shown below.

. / ExternalWarningRule . ps1

To add alert to all external emails except some grouping members:

In some state of affairs, you don't want to add 'External' warning to some groups ' members . In that example, yous tin can exclude warning for those group's members. Yous can exclude group members by mentioning groups using -ExcludeGroupMembers param.

. / ExternalWarningRule . ps1 -ExcludeGroupMembers Customers @ contoso . com , salesExecutives @ contoso . com

To exclude external warning to specific mailboxes:

To exclude external alert for some specific mailboxes similar back up, sales  mailboxes,  you tin use ' ExceptIfAnyOfToCCHeader ' parameter . To exclude recipients , run the script with -ExcludeMB param.

. / ExternalWarningRule . ps1 -ExcludeMB support @ contoso . com , sales @ contoso . com

Note: ExcludeMB  checks values for To and CC fields and all t he recipients of the mail are affected past this dominion, non just the detected recipient.

Execute this script with MFA enabled account:

To run this script with MFA enabled account, run the script with –MFA switch.

. / ExternalWarningRule . ps1 -MFA

To execute this script by passing credential as a parameter:

Instead of typing in popup, you can pass credential for non-MFA business relationship by using  – UserName  and –Countersign params.

. / ExternalWarningRule . ps1 -UserName admin @ contoso . com -Password XXXX

Configure External Sender Warning Bulletin through EAC:

Step 1: Login to EAC  and become to 'mail catamenia'. Click '+' to create a new rule.

Step two: Give a name for the rule. Eg: External e-mail alarm dominion

Step 3: In ' Apply this rule if ', select ' the sender is located in ' – Outside the organization. And add together one more dominion past clicking 'More than options…' at the lesser of the popup. So click 'Add condition' to add recipient filer.

Step 4: Ready ' Prepend the subject of the bulletin with ' as [External]:.

Step 5: If you desire to add a disclaimer for external mail, click 'add action'. Select ' Apply a disclaimer to the message ' –> ' Prepend a disclaimer '.

         – Specify the disclaimer text. You tin can copy and paste the beneath text:

<div id="footer" style="groundwork-color: #ffeb9c; width: 100%; border: 1px solid #FFEB9C; padding: 2pt; border-manner: solid; border-colour: #9C6500;"> CAUTION: This e-mail originated from outside of the organisation. Do non click links or open attachments unless you recognize the sender and know the content is rubber.</div>

        -Specify fallback activeness as 'Wrap'

Step 6: If you lot want to include whatever exceptions, y'all tin can use 'Except if'. Here, I take used 'if the recipient available in To or CC field'.

Step 7: Prepare rule severity based on the other rules in your organization.

Footstep 8: Salve the rule.

Now, when you lot get emails from external senders, 'External' added in the subject and 'External e-mail alert disclaimer' shown in the mail service content. You will be alerted like a below screenshot.

Decision:

Setting up mail flow rule is non difficult,  only it effectively protects u.s. against phishing attempts like domain spoofing, name spoofing, etc. However, this is not a perfect solution. Microsoft continuously working to defend such types of attacks. Customers who accept Office 365 Enterprise E5 or Avant-garde Threat Protection (ATP) tin can access the Spoof intelligence  in the Office 365 Security & Compliance Center .

How To Open Email Template In Office365,

Source: https://o365reports.com/2020/03/25/how-to-add-external-email-warning-message/

Posted by: jamesinaboust.blogspot.com

Share this post