Protect Your Organization from Outlook Phishing Attack using External Email Tagging |

On Day 10 of Cybersecurity awareness month, learn to safeguard your Office 365 environment from phishing attacks today. Stay tuned for more blogs in the Office 365 Cybersecurity blog series.

Phishing attacks are the top cybersecurity attacks in recent days. According to the Egress report, 85% of Microsoft 365 organizations reported phishing attacks last year.

In phishing attacks, malicious actors send messages/emails pretending to be trusted persons or organizations. Employees are the first line of cyber defense. So, Office 365 admins should take the necessary steps to upskill their users.

Since most scam emails originate from external sources, it’s better to create awareness among users before opening the external emails. With the ‘External email tagging’ feature, an “External” tag can be added to the external emails. It helps Outlook users handle those emails with extra attention.

Why we should Add External Tag in Outlook?

There is no silver button solution with cyber security, a layered defense is the only viable solution.
-James Scott

Earlier, admins used to prepend “EXTERNAL” in the external emails’ subject, which makes previewing the email subject hard. So, Microsoft introduced the ‘External tag’ feature. Adding an external email warning tag helps in the following cases.

To prevent users from clicking malicious links and attachments sent by external users.
Even if your organization enabled SPF, DKIM, and DMARC, sometimes it failed to prevent phishing and spam emails.

How to Enable External Email Tagging in Exchange Online?

Office 365 admins can enable external email tagging through PowerShell.

Step 1: Connect to Exchange Online PowerShell.

Connect-ExchangeOnline

Step 2: Enable external tag by running the below cmdlet.

Set-ExternalInOutlook –Enabled $true

If you want to exclude specific domains from external tagging, you can add those domains through ‘AllowList’.

Set-ExternalInOutlook -AllowList @{Add="contoso.com", "microsoft.com"}

Now, emails received from external domains such as Contoso and Microsoft will not have the external tag.

To view external email tagging settings, run the following cmdlet.

Get-ExternalInOutlook

How External Email Tagging Works?

After configuring external email tagging, you should wait up to 48 hours. After that, emails from external domains are tagged with ‘External.’ It won’t take action on older emails.

Sometimes, the email from the external user looks like an internal email (John@conteso.com instead of John@contoso.com). But not! In that case, external tagging assists users from being compromised.

Enhance External Email Security with AdminDroid Office 365 Reporting:

Apart from external email tagging, admins can enhance ability to track and mitigate phishing and malicious emails with AdminDroid Office 365 reporting tool.

AdminDroid provides 350+ Microsoft 365 email reports including,

Spam and malware detection reports,
Phishing email analysis reports,
Email quarantine reports,
Spoof email analysis reports,
User activities reports,
External email analysis reports and more.

With these pre-built reports, you can easily manage Exchange Online environment effectively. Additionally, AdminDroid provides 1800+ reports and 30+ dashboards on various services like Azure AD, Microsoft Teams, SharePoint Online, OneDrive for Business, Power BI, Streams, and more.

Empower your Office 365 management with AdminDroid: Simplify reporting, gain insights, and strengthen security.

Conclusion:

Be suspicious of any unexpected email attachments, even if they appear to be from someone you know. If you are unsure about the person who is sending you an email, be very careful about opening the email and any files attached.

Have you experienced any email scams? Share your experience through the comment section.