Microsoft’s Report Phishing tool will flag suspicious emails to the National Cyber Security Centre.
By | August 16, 2021 — 10:22 GMT (11:22 BST) | Topic: Security
A new button and add-on for Microsoft 365/Office 365 accounts and Outlook allows employees to report scam emails directly to the UK’s National Cyber Security Centre (NCSC). 
The button is an upgrade to the NCSC’s existing Suspicious Email Reporting Service (SERS), which has received over 6.6 million reports since launching in April 2020. As of 30 June, NCSC had removed over 50,500 scams and 97,500 URLs.
While email filtering systems can stop some phishing attacks reaching staff inboxes, scammers are always looking for ways to bypass filters — for example, by hosting scams on Google cloud services, creating Office 365 phishing pages, or compromised SharePoint sites to trick victims into entering their work account credentials. 
SEE: This new phishing attack is ‘sneakier than usual’, Microsoft warns
The ‘typical’ phishing URLs that NCSC handles include tricking staff to click a link that downloads malware on a work computer, creating cloned login pages, and email with fake alerts about work software such as Microsoft Teams.
«Opportunistic scams during the pandemic have demonstrated how cyber criminals constantly find new ways to target us,» said NCSC technical director Ian Levy. 
«The good news is that you can help protect your workplace by forwarding suspected scam emails to the Suspicious Email Reporting Service (SERS) from your work email account at the click of a button.»
NCSC has provided guidance for admins to enable the Office 365 ‘Report Phishing’ add-in for Outlook.
The Report Phishing tool is actually made by Microsoft and can be installed from Microsoft’s AppSource site. After installing the add-in, admins need to create a mail flow rule to report phishing instances to SERS. After it’s enabled, a new Report Phishing button appears in main Outlook toolbar. For Outlook on the web, the Report Phishing button appears in the sidebar. 
«The NCSC’s Suspicious Email Reporting Service (SERS) enables the public to report suspicious emails by sending them to report@phishing.gov.uk. The SERS analyses the emails and where found to contain links to malicious sites, seeks to remove those sites from the internet to prevent the harm from spreading,» NCSC notes. 
SEE: Malware developers turn to ‘exotic’ programming languages to thwart researchers
The reports are sent to both Microsoft and the NCSC. 
For organizations that cannot install the Report Phishing button for Outlook, NCSC is still encouraging businesses to forward or attach scam emails to send to report@phishing.gov.uk.
By | August 16, 2021 — 10:22 GMT (11:22 BST) | Topic: Security
Security
Securing Microsoft Edge: Switch off JIT compilers or sandbox?
Google
Google’s automated voice attendant gets custom audio prompts
Google
Android 12: New feature allows you to control the UI with face gestures via phone’s camera
Google
Google’s Apricot subsea cable will strengthen Asian connections
Please review our terms of service to complete your newsletter subscription.
By registering, you agree to the Terms of Use and acknowledge the data practices outlined in the Privacy Policy.
You will also receive a complimentary subscription to the ZDNet’s Tech Update Today and ZDNet Announcement newsletters. You may unsubscribe from these newsletters at any time.
You agree to receive updates, alerts, and promotions from the CBS family of companies – including ZDNet’s Tech Update Today and ZDNet Announcement newsletters. You may unsubscribe at any time.
By signing up, you agree to receive the selected newsletter(s) which you may unsubscribe from at any time. You also agree to the Terms of Use and acknowledge the data collection and usage practices outlined in our Privacy Policy.
Twitter to allow users in US, South Korea, and Australia to report misleading tweets
Company warning up front it will not be able to respond to every report.
Fortinet slams Rapid7 for disclosing vulnerability before end of 90-day window
Fortinet said it would be releasing a patch by the end of the week.
CISA releases alert on BadAlloc vulnerability in BlackBerry products
The affected BlackBerry software is in nearly 200 million cars as well as thousands of industrial control devices, medical tools and more.
Best VPN 2021: Top VPN services reviewed
Virtual private networks are essential to staying safe online — especially for remote workers and businesses. Here are your top choices in VPN service providers and how to get set …
Patch released for Fortinet command injection vulnerability
A Rapid7 researcher discovered the issue, which was addressed in a recent Fortinet update.
How does ExpressVPN work? Plus how to set it up and use it
ExpressVPN is one of our higher-rated VPNs. Here’s everything you need to get it, install it, configure it, and use it successfully.
Securing Microsoft Edge: Switch off JIT compilers or sandbox?
Microsoft’s Super Duper Secure Mode is ready for testing, but Google has an alternative approach to JIT vulnerabilities in the V8 engine.
IPVanish review: A VPN with a wealth of options
Whether you’re looking for an easy-to-use VPN or one where you can choose from a wide range of encryption protocols, want to specify active features, or get involved in the specific …
iProVPN deal: Get lifetime protection for only $40
Now you can have worry-free browsing for the rest of your life without putting your identity and data at risk or breaking the bank.
© 2021 ZDNET, A RED VENTURES COMPANY. ALL RIGHTS RESERVED. Privacy Policy | Cookie Settings | Advertise | Terms of Use

source

Por redditxxx