News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Patch Watch: Office 365 – The trendy new phishing target

    Home Forums AskWoody blog Patch Watch: Office 365 – The trendy new phishing target

    Viewing 6 reply threads
    • Author
      Posts
      • #345036 Reply
        woody
        Da Boss

        Here phishy, phishy, phishy….. Attacking Windows 10 is so yesterday. Malicious hackers have known for some time that phishing is a fruitful and chea
        [See the full post at: Patch Watch: Office 365 – The trendy new phishing target]

      • #345048 Reply
        anonymous
        Guest

        This is one of the reasons I have for not leaving on-premise Exchange for Office 365.  Our users don’t have Office 365 logins, so they can’t get tricked into giving up credentials they don’t have.

      • #345069 Reply
        doriel
        AskWoody Lounger

        Next year, our company will switch from Office 2010 to Office 365. This will be massive crash, I suppose. FYI some Excel files are still stored in *.xls format. Does anyone have experience with that big step “forward”?

        Dell Latitude E6530, Intel Core i5 @ 2.6 GHz, 4GB RAM, WX 1809 Enterprise

        HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

        • #345081 Reply
          Susan Bradley
          AskWoody MVP

          They can still be opened in Office 365.

          Susan Bradley Patch Lady

          1 user thanked author for this post.
      • #345087 Reply
        b
        AskWoody Plus

        Susan Bradley said;
        According to a Petri report, there were 155 million active Office 365 users in the fall of 2018, and the number was still growing rapidly.

        … commercial users.

        Plus 32.5 million consumer subscribers (bottom line of slide at top of report).

        So 187.5 million active Office 365 users in the fall of 2018.

        Windows 10 Pro Version 2004: Group ASAP (Pioneer/Chump)

      • #345096 Reply
        b
        AskWoody Plus

        Susan Bradley said;
        ATP can be added to all Office 365 installations for as little as U.S. $2 per mailbox.

        Office 365 ATP will be available for purchase to all commercial customers for $2 per user per month.
        https://www.microsoft.com/en-us/microsoft-365/blog/2015/04/08/introducing-exchange-online-advanced-threat-protection/

        Not available for Office 365 Home or Personal users at any price:

        Office 365 Advanced Threat Protection (ATP) availability
        You can add ATP to the following Exchange and Office 365 subscription plans:
        Exchange Online Plan 1
        Exchange Online Plan 2
        Exchange Online Kiosk
        Exchange Online Protection
        Office 365 Business Essentials
        Office 365 Business Premium
        Office 365 Enterprise E1
        Office 365 Enterprise E3
        Office 365 Enterprise F1
        Office 365 A1
        Office 365 A3

        https://docs.microsoft.com/en-us/office365/servicedescriptions/office-365-advanced-threat-protection-service-description

        Windows 10 Pro Version 2004: Group ASAP (Pioneer/Chump)

        • #345504 Reply
          Susan Bradley
          AskWoody MVP

          Sorry forgot about that.  IMHO it should be default in ALL 365 plans.

          Susan Bradley Patch Lady

          2 users thanked author for this post.
          Elly, b
      • #345505 Reply
        Mr. Natural
        Guest

        I can confirm our Office 365 users are receiving quite a few phishing emails from malicious sources appearing to come from O365 “account management”, Adobe, Dropbox, One Drive to name a few. The good thing is we already are using a third party tool that does what ATP does and more. The great thing about this program is that whenever we get a phish attempt I submit that to their database which is added to the global list of known malware hosts. It also redirects links in email to first go through their servers to check for a malicious link and prevent the connection if it is not legit.

        We also have trained our users how to handle email with another program that periodically sends a test email to users which are supposed to be forwarded to I.T. Over time our people have become great at detecting and reporting phish attempts.

        Every business…..actually everyone but corporate entities especially should devote some time to train people on email use. It does make a difference.

        The one thing that bugs me is that our people also are getting emails from what appear to be another user in our organization and these crooks know which people to direct certain topics to. Such as attempting to gain access to banking accounts directed to our Finance people. They are failing to compromise us so far because I see the attempts increasing lately. It seems like frustration on their part at failing to compromise a user.

        This activity originated before we started using O365 for email hosting so this is not just an office365 issue.

      • #345506 Reply
        anonymous
        Guest

        #345069

        For various reasons, I operate across machines with Office 97, 2007, 2010 and 2016 installed.

        A fairly complex .xls file works across the lot, forward and back.  However, if whilst working in Office 2016, I introduce something like =XIRR(etc), that function will be converted to #REF in Office 97 and ignored.  Office 97 doesn’t change the command, so it will still work correctly in 2016, but Office 97 cannot work out what to do with the command.

        An .xlsx is not backwards compatible with Office 97.  The maximum no of rows in the .xls format is 65,000, IIRC.  I have reached 160,000 rows (don’t ask…) in an .xlsx file without a problem.

         

    Viewing 6 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Patch Watch: Office 365 – The trendy new phishing target

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.