• Office 365 rant

    #2314025

    Hello everyone. So part of the company made a step and moved to Office 365. Microsoft 365. Junk 356.

    Immediately after migration last week, mail spoofing and phishing attacks increased by hundreds of percent. This product IS SO AWESOME AND SAFE!!!

    Now our management came up with the idea that emails from external addresses are attached as .MSG files.
    So we can’t search through these messages.

    I knew that this would happen. No matter what Microsoft PR department is trying to sell us, I simply do not buy it because IT IS NOT TRUE, IT’S JUST MARKETING! 365 junk.

    Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise

    HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

    PRUSA i3 MK3S+

    5 users thanked author for this post.
    • #2314264

      How does changing your software cause other people to send you phishing emails? Is it not just a coincidence?

      cheers, Paul

      • #2314267

        Thanks for the question, but changing SW is not all it takes. There is Office Admin Center in the cloud. Administration is not done locally but it’s a service as a cloud (imagine something like MS Azure) and you can access your email via web interface. That’s the weak spot. In my opinion the cloud solution is to blame. Better to have administration within own (protected) domain instead of cloud solution.
        I really doubt it’s a coincidence, but I may be mistaken. That’s why I put this into rants forum.
        PS – people send phishing emails? Aren’t those done by some PHPmailer or something like that? Just asking, I am curious and I want to know more.

        Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise

        HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

        PRUSA i3 MK3S+

        • #2314298

          Actually… it’s quite possible to detect service moves.

          There’s a little security implication in RFC1912 in that it recommends a way of constructing the zone “serial number” that contains the date of last change.

          Therefore, recent SOA record of mail domain + MX in 365 + recent RFC1912-type serial means higher probability of a new tenant, so a good target…

          Even more so if you also have an invalid or weird-looking SPF record, means probably transition in progress.

          And transition probably means confused users who therefore are easier targets than usual.

          And if someone’s planning on doing targeted or semi-targeted attacks, well, it’s sort of cheap to script DNS lookups say once or twice per day on a list of target candidates, and flag when there’s a change… even without a date of change embedded in the zone serial.

          3 users thanked author for this post.
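
Added example (not part of the post above, and not code from anyone in this thread): a defender-side self-check of what your own zone exposes during a Microsoft 365 migration, covering the three signals that post lists (date-encoded SOA serial, MX in 365, invalid or odd SPF). The `example.com` records and the date are constructed, and `serial_date`, `audit` and the finding codes are names invented here; the two Microsoft 365 host suffixes are the assumed standard MX and SPF values.

```python
import re
from datetime import date

# Constructed records for a hypothetical zone (example.com), in the form a
# resolver would return them. Not data from the thread.
SAMPLE = {
    "soa_serial": 2020112401,  # RFC 1912 style YYYYMMDDnn
    "mx": ["0 example-com.mail.protection.outlook.com."],
    "txt": [
        "v=spf1 ip4:192.0.2.10 -all",                      # old on-premises record
        "v=spf1 include:spf.protection.outlook.com ~all",  # added during the move
        "MS=ms00000000",                                   # placeholder, not SPF
    ],
}

M365_MX_SUFFIX = ".mail.protection.outlook.com"
M365_SPF_INCLUDE = "include:spf.protection.outlook.com"


def serial_date(serial):
    """Date embedded in a YYYYMMDDnn serial, or None if it is not date-shaped."""
    m = re.fullmatch(r"(\d{4})(\d{2})(\d{2})\d{2}", str(serial))
    if not m:
        return None
    try:
        return date(*map(int, m.groups()))
    except ValueError:  # e.g. month 13
        return None


def audit(records, today, recent_days=30):
    """Return (code, detail) findings for one zone's SOA serial, MX and SPF."""
    findings = []
    changed = serial_date(records["soa_serial"])
    if changed and 0 <= (today - changed).days <= recent_days:
        findings.append(("serial-dates-change", f"serial shows an edit on {changed}"))

    uses_m365 = any(
        mx.split()[-1].rstrip(".").lower().endswith(M365_MX_SUFFIX)
        for mx in records["mx"]
    )
    spf = [t for t in records["txt"] if t.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        findings.append(("spf-missing", "no v=spf1 TXT record"))
    if len(spf) > 1:
        # RFC 7208: more than one SPF record evaluates to permerror.
        findings.append(("spf-multiple", f"{len(spf)} v=spf1 records published"))
    for rec in spf:
        terms = rec.lower().split()[1:]
        alls = [t for t in terms if t.lstrip("+-~?") == "all"]
        if not alls and not any(t.startswith("redirect=") for t in terms):
            findings.append(("spf-no-all", rec))
        if any(t in ("all", "+all") for t in alls):
            findings.append(("spf-pass-all", rec))
        if uses_m365 and M365_SPF_INCLUDE not in terms:
            findings.append(("spf-no-m365-include", rec))
    return findings


if __name__ == "__main__":
    for code, detail in audit(SAMPLE, today=date(2020, 11, 26)):
        print(f"{code}: {detail}")
```

Merging the two SPF records into one that carries the 365 include clears the SPF findings; switching to a plain incrementing serial removes the change date from the SOA.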
        • #2315941

          The issue is not the cloud, the issue is how it’s set up and possibly the license you got.

          1. You want to go through this checklist – The Exchange Online Best Practices Checklist.docx (sharepoint.com) to lock down older protocols
          2. You want to turn on MFA
          3. You want to ensure Advanced threat protection is properly enabled – which includes enabling DKIM and all that

          The idea that you can do an on premise mail server cheaper – between the cost of licenses, and servers, and with the demise of Small Business Server, I’d beg to differ.

          Susan Bradley Patch Lady/Prudent patcher

          1 user thanked author for this post.
          • #2315969

            The idea that you can do an on premise mail server cheaper – between the cost of licenses, and servers, and with the demise of Small Business Server, I’d beg to differ.

            Depends on what you count for that.

            There’s a bit of a difference between “an on-premise mail server”, and a full-function “groupware” server (mail and calendar, contacts, etc) like Exchange.

            Bare email is feasible with all free software and quite minimal hardware these days. (Would of course need a backup MX or two, storage for the mailboxes and…)

            Now, all-free open source groupware server software with calendaring and all that does exist, but I can’t imagine anyone having to count working hours actually deciding to not get the support subscriptions at least for production use… so…

            You’d probably need to have hundreds of users (and multiple sites) before on-premises solutions would have a chance of breaking even, currently.

            So, yes. From way over here, Microsoft’s 365 pricing is cheap enough to look suspicious. And the various reported data breach and compliance hassles really don’t help that part.

            • #2316009

              It’s all in the configuration. Number 1 thing to make you more secure: USE TWO FACTOR. (yes I’m shouting) It really does make a huge difference. Next turn off legacy protocols like IMAP, POP, etc. These two things are HUGE. When I talk about a mail server I mean an application like Outlook that works with Word and Excel and QuickBooks. Something that allows you to set default mail clients, works and doesn’t depend on me trying to search forums for how to get it all working. Open source works if you know how to code. I don’t.

              Susan Bradley Patch Lady/Prudent patcher

            • #2316212

              More about this O365. I don’t know if you want to answer this, nothing personal here. I thank you for all the effort you do for us. We really appreciate it. But for me it’s all about angle of view. I simply do not agree with Cloud being safer than on premise.
              Thank you once again – for the checklist and for those three points, they look like fundamentals that need to be met to ensure best security. Good advice.

              I read that checklist and I don’t want to post off-context quotes here, but a few things came to my mind. The complexity of this is great.
              – It’s nothing easy and it has a lot to learn, I see a lot of functions and add-ons in the description of Exchange Online. Including integration into Outlook client.
              – That’s good, because according to the checklist there is no longer the option to “Remember my credentials” and I can’t imagine people going through MFA multiple times when accessing their mail. That would be suicidal.
              – Also I should download some .ps1 scripts from GitHub and run them on my server? Checksums are a mighty weapon, but.. I would be very careful on a server.
              I could continue, but there is no need, because I don’t have as much knowledge as needed.

              I know that I should move forward and stay in touch with latest technology. I want to and I try. I did try Azure (it was free for some time, so I created one). And I quite liked it! But I really disagree with all statements how Cloud solutions are more secure. They are if you set them so. Same with on-premise. Something stored on multiple datacenters cannot be more safe than something stored locally and backed up on tapes.

              This does not have one solution. It’s not black and white, there are at least 50 shades of gray 🙂

              Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise

              HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

              PRUSA i3 MK3S+

    • #2314279

      Looks like coincidence to me. And yes, bots send the mail – it’s people behind the bots so as a generalisation it’s fine (subtleties of English).

      cheers, Paul

      1 user thanked author for this post.
    • #2314281

      So part of the company made a step and moved to Office 365. Microsoft 365. Junk 356.

      You are probably aware that Microsoft monitors all Office 365/Microsoft 365 data and has direct access to it, and transfers data to the FBI, NSA.. even for non-US users?

      Microsoft shares banking data of Indian customers with US Intelligence agencies

      • This reply was modified 2 years, 10 months ago by Alex5723.
      3 users thanked author for this post.
      • #2314286

        I am not aware, maybe you have more accurate information. And I have no possibility to know what is happening “behind the scenes”. I can only interpret what big players are saying (MSFT, Google, Apple, Samsung, ..)

        And I think that nobody publicly admits he has problems/sells data these days. It’s a pity, because honesty is part of good manners. Without honesty, civilisation is just a bunch of savages that try to trick each other.

        And last note: since our email accounts are exposed somewhere in the cloud, I would bet my half year salary that some malware can snoop these accounts/data/addresses from the server. In our own infrastructure, I consider all data safe behind firewall. In the cloud not. That’s why I do not agree with angle of view of @Paul_T. Nothing personal here.

        Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise

        HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

        PRUSA i3 MK3S+

        2 users thanked author for this post.
        • #2314380

          In our own infrastructure, I consider all data safe behind firewall. In the cloud not.

          If you have an email server within your own infrastructure to handle all intranet email, yes, it is secure behind your firewall.

          However, any email exchanges outside your own infrastructure (clients/contractors/suppliers) via the internet is going through “the cloud”, and is not protected by your firewall.

          Always create a fresh drive image before making system changes/Windows updates; you may need to start over!
          We were all once "Average Users". We all have our own reasons for doing the things that we do with our systems, we don't need anyone's approval, and we don't all have to do the same things.

          • #2315018

            That is correct, in the past we used Exchange Server only. And there was also communication with people outside the organisation. But we added some emails to our address pool by creating O365 accounts.
            Apart from Office365, you cannot access our emails outside domain, unless you are on a VPN, we do not use web interface (like OWA) to connect to our emails, thus I considered that as safe. You can access our email whenever we want in your smart phones, if we need it.
            Usually, FW blocked 10-100 messages a day with unwanted links in them. When we created these online accounts, statistic looks more like 100 – 1000 per day.
            I say: someone can register with our email to some e-shop and it can cause this peak, but this looks like too much coincidence. Or maybe number of attacks/spam/whatever increased in the whole world. I don’t know.
            Thank you for your opinion.

            Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise

            HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

            PRUSA i3 MK3S+

      • #2314366

        You are probably aware that Microsoft monitors all Office 365/Microsoft 365 data and has direct access to it, and transfers data to the FBI, NSA.. even for non-US users?

        Microsoft shares banking data of Indian customers with US Intelligence agencies

        “We never provide customer data unless we receive a legally valid warrant, order or subpoena about specific accounts or individual identifiers that we have reviewed and considered legally appropriate and consistent with the rule of law and our Microsoft principles.”

        Which similar services do not comply with legally valid warrants?

        Windows 11 Pro version 22H2 build 22621.2361 + Microsoft 365 + Edge

    • #2314381

      “We never provide customer data unless we receive a legally valid warrant, order or subpoena about specific accounts or individual

      No US judge or FBI.. have any authority regarding data of non-US banks, accounts…

      • #2314404

        No US judge or FBI.. have any authority regarding data of non-US banks, accounts…

        Unless the data is stored within the US?

        (I’ll assume you agree that all similar services comply with legally valid warrants.)

        Windows 11 Pro version 22H2 build 22621.2361 + Microsoft 365 + Edge

        • #2314440

          Yes, that’s exactly the problem here.

          Microsoft was earlier found to illegally transfer certain non-US data to US servers. They said it was by honest mistake though…

          Not that Microsoft is alone in that either.

          Really waiting for someone to actually bother enough to build up a high-profile court case.

          1 user thanked author for this post.
    • #2314427

      Just a non-technical observation- different e-mail clients use different spam filters, which usually need some ‘training’ when initially implemented.

      I’d be checking what was filtered out into spam/trash to see if you are losing any legit communications, as well.

      As people correctly label the received mail, the spam filter will become more accurate, and you will see less unwanted mail…

      Non-techy Win 10 Pro and Linux Mint experimenter

      • #2314452

        Ellis: “I’d be checking what was filtered out into spam/trash to see if you are losing any legit communications, as well.”

        From my own experience, this definitely can happen, so one should always check the Junk folder contents before deleting them. In my case, this seems to happen mainly with messages from correspondents overseas. But it also, now and then, happens in reverse, with my messages sometimes ending in the Junk mail of my foreign correspondents.

        Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

        MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
        Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
        macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

        1 user thanked author for this post.
    • #2315026

      Unless the data is stored within the US?

      The data in the Indian banks hasn’t been stored in the US.

    • #2315872

      Sounds like you need to configure EOP properly.

      Microsoft recommendations for EOP and Defender for Office 365 security settings, recommendations

      There’s even a config analyzer you should use to see what you’re missing:
      Configuration analyzer for security policies – Office 365 | Microsoft Docs

      2 users thanked author for this post.
      • #2315876

        Thank you, it’s evident that you are more experienced than me, to be honest I have no clue what you are talking about. And according to that link it’s quite a complicated procedure, that a non-experienced user has no chance to set up properly while attempting for the first time.
        Maybe it’s not obvious to MSFT team, but other people have more things to do than try to repair Microsoft non-functional products every single day.

        I don’t want to spend another two weeks configuring O365. I like O2010 and I will stay as long as possible, I strongly recommended our management to stay on O2010. Seems like our German management has some spare money that they do not need and they want to give it away to Microsoft. That’s a pity.

        Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise

        HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

        PRUSA i3 MK3S+

        1 user thanked author for this post.
    • #2315882

      There are a lot of angry cloud fearful people on this post. I’m sorry to have found that. The cloud can be more secure than anything on-premises but it all depends on how you configure it. The tools are many but if you chose not to use them, then yes, you’ll not be surprised when you get loaded up with phishing, spam and all manner of garbage from the unwashed Internet.

      Here are a couple of articles to get you started. Microsoft 365 administration: Email rules for security and privacy (techgenix.com) and Microsoft 365 administration: Email security policies (techgenix.com)

      Hope this helps you in securing your new cloud environment.

      Moderator note: Edit for content. Please follow the –Lounge Rules 11. No advertising, except by explicit prior arrangement.

      • #2315915

        The cloud can be more secure than anything on-premises but it all depends on how you configure it.

        That part I really disagree with. Among other things, cloud security depends on trusting the cloud infrastructure provider, and Microsoft isn’t considered quite trustworthy enough by a lot of people.

        It’s fairly cheap to build an Office 365 cloud system that has better availability especially regarding local physical damage than anything single-site on-premises, but credible and proven prevention of unauthorized access is another thing. (Especially if you’re worried about actual international espionage…)

        I mean, just the other year, Microsoft was caught sending fragments of documents from European users direct to one of their teams in the US, unauthorized. As in “unknown” words from spelling check being sent to the spelling check team… and everyone knows that happens a lot with multilanguage documents.

        • #2316191

          I was thinking exactly about the same sentence since yesterday.

          The cloud can be more secure than anything on-premises but it all depends on how you configure it.

          I say: maybe those functions that are protecting cloud are more sophisticated. But it seems as logical to me as buying a new Dodge Ram to save some space in your garage. And the more complex a program is, the more holes are there. Nearly every day some vulnerability is discovered. Don’t tell me that data stored on multiple locations are safer. Encrypted maybe 🤷‍♂️

          I still wonder.. Nearly every day we see information about ransomware attacks and so on, on bleepingcomputer.com for example. And my question is: do these hacked companies rely purely on On-Premise or do they use cloud solutions?
          Cloud I say. And once again that is just too much coincidence to me. Of course I can be mistaken, of course I can.

          Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise

          HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

          PRUSA i3 MK3S+

    • #2316302

      I’ve never purchased Office 365 as I don’t believe in subscription products and, as a privacy buff, distrust Microsoft, the Cloud, etc.

      I’m decidedly low tech - no cellphone - and am laughing at all of those who are upset that I don’t conform. They’re the ones that are having all the privacy and data breach issues.

      Not that I don’t have the occasional issue - but that’s the price I pay for being part of a database over which I have no control.

       

    • #2339253

      A few months later, I have another issue with O365.
      The visual appearance is just awful, especially in Outlook. The design is eye hurting. Why does it have to look like a Windows 95 program? I find these changes that were made useless. “More fluent design” is useless without usable UI. You can’t imagine how many users are complaining in our company..
      For example, why can’t I set it to display one email per one line?
      Why is the “email account” dialog still the same from old control panel? Shouldn’t this be reworked BEFORE Office 365 was introduced? Why do they build it on a 15 years old interface? Oh wait.. There is no time for that, greedy ones need MORE money.

      In Excel, selecting cells is broken (if you select cells over some hidden cells, it just does not do what it should do).

      Why do I have the feeling that it’s the same product as before, just with reworked UI so Microsoft will sell it as a different product? I bet Microsoft will have record breaking income this year.

      The only useful thing I found is converting *.docx to *.html I think…

      Sorry for the rant, but it’s just happening more and more often, these “changes in sake of greater income”, it’s not helping Microsoft, it’s just bothering people. But you are not listening anyway, I wrote lots of feedback with no answer, so..

      Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise

      HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

      PRUSA i3 MK3S+

      • #2339710

        For example, why I cant set to display one email per one line?

        You can do that:

        View, Change View, Single

        View, Message Preview, Off

        (and if required; View, Change View, Apply Current View to Other Mail Folders)

        How do I force Single-Line layout to actually use a single line?

        Windows 11 Pro version 22H2 build 22621.2361 + Microsoft 365 + Edge

        1 user thanked author for this post.
        • #2339750

          Thank you for your advice. I turned off message preview and copied my setting to other folders, now it looks adequate and organized.

          But I still wonder what’s the point of an application that uses “modern cool look” just on the front screen, when in fact all other dialogs are still on the old interface. Color schemes change just the main screen, all other is just the same as it is for last… 10 years? No real benefit for me after two months, what’s more, even those cosmetic changes do not look good. Waste of money.

          Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise

          HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

          PRUSA i3 MK3S+

          1 user thanked author for this post.