Skip to main content

New Updates For Office 365 Will Include Phishing Protection

By October 19, 2020May 5th, 2022Cybersecurity

Are you an Office 365 user? If so, be aware that Microsoft is adding some powerful new protections to the software suite, designed to make you safer.

Hackers commonly target Office 365 users with a type of attack known as “Consent Phishing.” That basically means that the hacker in question will use a variety of social engineering techniques to try and trick a target victim into giving up his or her Office 365 access, usually by way of an app that asks for permissions. If the user grants those permissions, the app can install all manner of malware on the target’s device.

The new security upgrades that Microsoft is rolling out makes users safer in three different ways:

  • First by a general tightening of app consent policies
  • Second, by placing a greater level of scrutiny on publishers of OAuth apps during the verification process
  • Third, by changing the rules surrounding user consent when consent is asked for by an unverified publisher

These changes are already in place, and since their initial rollout, Microsoft has verified more than 700 different app publishers and more than 1300 individual apps. Verified apps can be recognized by the small blue badge with a white check mark in its center. Those apps, you can install with confidence.

As a Microsoft representative explained:

“To reduce the risk of malicious applications attempting to trick users into granting them access to your organization’s data, we recommend that you allow user consent only for applications that have been published by a verified publisher.”

It’s good advice, and these are excellent (even if they’re somewhat overdue) changes to the company’s policies. Kudos to Microsoft for rolling out the upgrades to their processes, and to the legitimate publishers who are already moving to embrace the recent changes. This will help keep users safe, and that’s a very good thing.

Chris Forte

Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He was a past member of the Entrepreneurs’ Organization, a current member of the New Jersey Power Partners and Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.