Office 365: Blocking automatic forwarding of emails to external users
Auto-forwarding emails is a method known to be utilised by disgruntled employees to steal confidential data from your business or organisation, but did you know auto-forwarding emails is becoming an ever-increasing attack method used by hackers?
The two common ways to forward emails are:
- Email rules. These are initiated by users and can be turned on and off as required by the users. The setting can be changed in email applications such as Microsoft Outlook, or online through the web mailbox such as Outlook Web Access.
- Transport rules. The IT industry term “transport rules”, also commonly known as mail flow rules, refers to rules that can be used to identify and act on emails coming into your business. They are not limited to Microsoft Office 365; other email services, including self-hosted or in-house solutions, have them too. Transport rules would typically be set up, managed and altered by your mail host or IT Support.
It is important for you and your business to be aware of any email protocols that allow automatic forwarding of emails outside of your organisation. To improve security, we recommend that you disable this functionality by default. This may need to be done by your service provider or email host. If an email account is hacked and auto-forwarding email is enabled, there will be no way of knowing that you are sharing all your emails with the hacker.
Auto-forwarding mail to external contacts can have some legitimate use. However, it is risky. Allowing staff to automatically forward mail to external email addresses brings the danger of information leakage. Additionally, your employees can choose not to keep copies of the forwarded messages in their business mailboxes. This means emails do not get archived and will not be available for future reference.
What are we doing for our customers?
As a standard security measure for our clients, our Microsoft Certified engineers will roll out procedures this month (February 2018) to disable automatic forwarding of emails on all of our clients' hosted Office 365 subscriptions. To ensure there is no impact, our team will first check the entire organisation for any email rules which auto-forward emails to external addresses. If any are found, we will notify the user and implement an exclusion to allow the forwarding of emails to legitimate destinations to continue. Once completed, our engineers will implement the auto-forward block across the entire Office 365 client network.
It is worthwhile noting that this will not impact internal email forwarding or forwarding an email to an external address once it has been received in users’ mailboxes.
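The check-then-block sequence described above, sketched as an added example in Exchange Online PowerShell (not Think Technology's own script). The page does not say which mechanism is used for the block or the exclusion; this assumes the remote-domain auto-forward setting, and the CSV path and `partner.example` are placeholders.

```powershell
# Added example. Assumes the ExchangeOnlineManagement module and an Exchange
# admin account; the CSV path and partner.example are placeholders.
Connect-ExchangeOnline

# Domains the tenant owns; any other domain counts as external.
$internal = Get-AcceptedDomain | ForEach-Object { "$($_.DomainName)" }

function Get-ExternalTarget([string]$Text) {
    # Targets render like '"Name" [SMTP:user@example.com]' or 'smtp:user@example.com'.
    # Directory recipients shown as [EX:...] are internal and never match.
    foreach ($m in [regex]::Matches($Text, '(?i)smtp:([^\]\s@]+@([^\]\s]+))')) {
        if ($internal -notcontains $m.Groups[2].Value) { $m.Groups[1].Value }
    }
}

$findings = foreach ($mbx in Get-Mailbox -ResultSize Unlimited) {
    $who = "$($mbx.PrimarySmtpAddress)"
    # 1. Forwarding configured on the mailbox itself.
    foreach ($addr in Get-ExternalTarget "$($mbx.ForwardingSmtpAddress)") {
        [pscustomobject]@{ Mailbox = $who; Source = 'MailboxForwarding'; Rule = ''
                           Target = $addr; KeepsCopy = $mbx.DeliverToMailboxAndForward }
    }
    # 2. Inbox rules that forward or redirect (KeepsCopy applies to mailbox setting only).
    foreach ($rule in Get-InboxRule -Mailbox $who) {
        $targets = @($rule.ForwardTo) + @($rule.ForwardAsAttachmentTo) + @($rule.RedirectTo)
        foreach ($addr in Get-ExternalTarget ($targets -join ' ')) {
            [pscustomobject]@{ Mailbox = $who; Source = 'InboxRule'; Rule = $rule.Name
                               Target = $addr; KeepsCopy = $null }
        }
    }
}
$findings | Sort-Object Mailbox | Export-Csv .\external-forwarding-audit.csv -NoTypeInformation

# Agreed exclusion: a remote-domain entry that may still receive auto-forwards.
# New-RemoteDomain -Name 'Partner' -DomainName 'partner.example'
# Set-RemoteDomain -Identity 'Partner' -AutoForwardEnabled $true

# Block automatic forwarding to every other external domain.
# -WhatIf only previews the change; remove it to apply.
Set-RemoteDomain -Identity Default -AutoForwardEnabled $false -WhatIf
```

Mailbox forwarding that points at a mail contact (the `ForwardingAddress` property) is not resolved by this sketch; review those recipients separately.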
Trust certified professionals to keep you safe
Think Technology Australia is a certified Microsoft Gold Partner. Our team has the expertise to advise you on and implement best practices and solutions to protect your business from illegal email hacks and scams.
Want to know how email forwarding has been used by hackers? Speak to one of our team today on 1300 920 866.