Microsoft is making a big change to Outlook in a bid to further protect against cyber attacks – from 31st August, automatic external forwarding of emails will no longer be possible.
If you have an automatic external forwarding rule set up, then from 31st August you’ll receive a Non-Delivery Report (NDR).
Why are they making this change?
Automatic external email forwarding is a tactic used by cyber-criminals to extract data from a company and then manipulate this for financial reward. This change is designed to try and clamp down on the number of phishing attacks that businesses are hit by every day.
How do phishing attacks work?
For example, you receive a phishing email pretending to be from a trusted source, tricking you into logging into something – the cyber-criminals then have your email address and password.
They can now log into your email and manipulate your account to commit fraud, for example to get money from your suppliers, staff etc.
With access to your email, they can set up an external forwarding rule so that certain emails, such as invoices, are forwarded to them and then deleted from your account, leaving you with no record of ever receiving them. Everything they do is hidden.
What should I do now?
Just be aware that if you receive lots of NDRs after 31st August, it is an indication that your mailbox might have been compromised, with emails being forwarded to cyber-criminals. You should contact your IT Partner and ascertain how long it has been going on, and then consider whether the breach is a Notifiable Breach for the ICO.
Can this be overridden?
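An administrator can also look for the forward-and-delete rules described above directly. The following is an added example, not part of the original article or any Microsoft tooling: the function name Find-ExternalForwardingRule, the sample rules and the contoso.example and external.example domains are all constructed for illustration.

```powershell
# Added example. Flags inbox rules that send mail outside the organisation and
# marks those that also delete the original message.
function Find-ExternalForwardingRule {
    param(
        [Parameter(Mandatory)] [object[]] $Rule,           # objects shaped like Get-InboxRule output
        [Parameter(Mandatory)] [string[]] $InternalDomain  # domains the organisation owns
    )
    foreach ($r in $Rule) {
        # The three inbox-rule actions that send a copy of the message elsewhere.
        $targets = @($r.ForwardTo) + @($r.ForwardAsAttachmentTo) + @($r.RedirectTo) |
            Where-Object { $_ }
        $external = foreach ($t in $targets) {
            # SMTP recipients render as '"name" [SMTP:user@domain]'. Directory
            # recipients ([EX:...]) are not resolved here and need a separate check.
            if ("$t" -match 'SMTP:[^@\]\s]+@([^\]\s]+)' -and
                $InternalDomain -notcontains $Matches[1]) { "$t" }
        }
        if ($external) {
            [pscustomobject]@{
                Mailbox        = $r.MailboxOwnerId
                RuleName       = $r.Name
                Enabled        = $r.Enabled
                ExternalTarget = $external -join '; '
                DeletesMessage = [bool]$r.DeleteMessage
            }
        }
    }
}

# Constructed sample rules (not real data), shaped like Get-InboxRule output.
$sample = @(
    [pscustomobject]@{ MailboxOwnerId = 'accounts'; Name = 'inv'; Enabled = $true
        ForwardTo = @('"x" [SMTP:collector@external.example]'); DeleteMessage = $true }
    [pscustomobject]@{ MailboxOwnerId = 'accounts'; Name = 'To manager'; Enabled = $true
        ForwardTo = @('"Manager" [SMTP:manager@contoso.example]'); DeleteMessage = $false }
)
# Only the first rule is reported: external target, DeletesMessage = True.
Find-ExternalForwardingRule -Rule $sample -InternalDomain 'contoso.example'

# Against a live tenant (read-only, after Connect-ExchangeOnline):
# $rules = Get-Mailbox -ResultSize Unlimited |
#     ForEach-Object { Get-InboxRule -Mailbox $_.PrimarySmtpAddress }
# Find-ExternalForwardingRule -Rule $rules -InternalDomain (Get-AcceptedDomain).DomainName
```

This covers inbox rules only. Forwarding set on the mailbox itself (the ForwardingSmtpAddress property returned by Get-Mailbox) should be reviewed separately.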
Microsoft will provide a control for administrators to enable automatic external forwarding for select people within your company.
What about internal automatic forwarding?
Internal automatic forwarding of messages will not be impacted by this change.