fbpx
Back Arrow Back to All Integrations

Microsoft 365 – Inbox Forwarding Rule

Microsoft 365 – Inbox Forwarding Rule
Product

Microsoft 365 Inbox Forwarding Rule

The creation of an Microsoft 365 inbox rule is often a technique used to exfiltrate email that is often used for recon purposes in a staged attack. By monitoring for new inbox rule creation, you can have immediate awareness of what could be a malicious activity.

 

Sign Up For Your Free Account Today

Get your free account with Blumira and secure your Microsoft 365 environment in minutes. No credit card required.

 

Free Trial

Set Up Instructions

How to Test Office365 Inbox Forwarding Rule

Prerequisites:

  • Office 365 module is configured and properly logging to Blumira

Testing Steps:

  1. Sign in to office365 email account in Outlook
  2. Navigate to Settings > View all Outlook settings
  3. Mail > Forwarding > Enable forwarding > add forwarding email address > Click Save
  4. Within minutes, a finding (alert) appears within the Blumira responder dashboard