Microsoft 365 is a cloud-based productivity environment that includes several different applications and services, such as Word, Excel, PowerPoint, Outlook, OneDrive and Microsoft Teams.
In this section, you will find instructions related to ensuring the security of Microsoft 365 services.
Criminals are constantly phishing for Microsoft 365 account credentials and using the account names and passwords obtained through phishing attacks to hijack M365 accounts.
Advice on how to better protect the organization's Microsoft 365 services has been collected in this guide prepared by the Finnish Transport and Communications Agency Traficom's National Cyber Security Centre.
This guide prepared by the Finnish Transport and Communications Agency Traficom's National Cyber Security Centre advises how how you can regain control of your account and warn others.
The instructions also explain how to isolate your account, determine what the attacker has done and what you can do to prevent account compromise.
The adversary-in-the-middle (AiTM) technique bypassing multifactor identification has become more prevalent in phishing for Microsoft 365 usernames and passwords.
This article by the Finnish Transport and Communications Agency Traficom's National Cyber Security Centre explains the process of phishing using the AiTM technique, identifying this type of fraud and effective protective measures.
