M365 Defender Fails to detect Images looking like M365 emails with embedded URL shorteners

bclemmybot@lemmy.beyondcombustion.netM to

Sysadmin@lemmy.beyondcombustion.netEnglish · 1 year ago

Crossposted using Lemmit.

Original post from /r/sysadmin by /u/darking_ghost on 2023-07-07 14:50:29+00:00.

So I recently have seen some users (from multiple tenants) reporting that they received emails as such, https://snipboard.io/3GRm1S.jpg where it’s just an embedded image and embedded link (rather than HTML) redirecting to malicious sites, they use bitly, google ads, etc.

Is this something new? Is there anything I can improve in my policies?

We have anti-spam and phishing (Phishing threshold set to 3)setup as well as safe links, whenever something is detected it goes to quarantine)

You must log in or register to comment.

Chat

Sysadmin@lemmy.beyondcombustion.net

sysadmin@lemmy.beyondcombustion.net

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !sysadmin@lemmy.beyondcombustion.net

A reddit dedicated to the profession of Computer System Administration.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

0 users / day
0 users / week
1 user / month
2 users / 6 months
1 local subscriber
1 subscriber
50 Posts
0 Comments
Modlog