Display Name Spoofing / Impersonation is a simple but effective way hackers will try and obtain information, divert funds, and defraud you and your staff.
The hackers will look for executives within your company and then create valid email addresses with their display names on common mailing platforms, and then send requests through requesting funds transferred, bank details etc.
In a busy workplace with only a glance at the display name it would be easy to action these requests without further thought.
The problem is this type of spoofing uses valid email addresses from valid domains, but with the same display name as executives, so mechanisms like SPF, DKIM and DMARC won’t pick them up.
However, by implementing a simple mail-flow rule, you can easily add a warning to this type of message which should prompt the end use to proceed with caution.
In this post we’ll look at how to enable SharePoint auditing. Recently I’ve been investigating some mysterious folder moves which the end users couldn’t explain, but folders were disappearing and reappearing elsewhere.
My first thought was that they have been dragged and dropped by mistake with a touchpad, it’s so easy to do if you aren’t careful.
My second thought was to check the SharePoint audit logs. Read on to learn how to enable SharePoint Auditing and view the available reports.
By default SharePoint Auditing isn’t enabled in Office 365.
If you use Multi Factor Authentication in an Office 365 environment then you will need to use App Passwords for some applications that don’t support Multi Factor Authentication like Outlook, or other email clients on mobile devices.
If you’ve forgotton your App Password or need to delete or create a new one, here is where to find them and how to create a new one.
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.