Display Name Spoofing / Impersonation is a simple but effective way hackers will try and obtain information, divert funds, and defraud you and your staff.
The hackers will look for executives within your company and then create valid email addresses with their display names on common mailing platforms, and then send requests through requesting funds transferred, bank details etc.
In a busy workplace with only a glance at the display name it would be easy to action these requests without further thought.
The problem is this type of spoofing uses valid email addresses from valid domains, but with the same display name as executives, so mechanisms like SPF, DKIM and DMARC won’t pick them up.
However, by implementing a simple mail-flow rule, you can easily add a warning to this type of message which should prompt the end use to proceed with caution.
In this post we’ll look at how to enable SharePoint auditing. Recently I’ve been investigating some mysterious folder moves which the end users couldn’t explain, but folders were disappearing and reappearing elsewhere.
My first thought was that they have been dragged and dropped by mistake with a touchpad, it’s so easy to do if you aren’t careful.
My second thought was to check the SharePoint audit logs. Read on to learn how to enable SharePoint Auditing and view the available reports.
By default SharePoint Auditing isn’t enabled in Office 365.
If you use Multi Factor Authentication in an Office 365 environment then you will need to use App Passwords for some applications that don’t support Multi Factor Authentication like Outlook, or other email clients on mobile devices.
If you’ve forgotton your App Password or need to delete or create a new one, here is where to find them and how to create a new one.