Hardening your Office 365 configuration: Best practices for preventing email account takeovers
Office 365 email account takeovers show no signs of slowing down in 2022. Organizations responding to these attacks often must deal with compromised credentials, unauthorized wire transfers, and expensive remediation.
How do account takeovers happen?
How does an account takeover put you at risk?
Email account takeovers are one form of business email compromise (BEC). For more on BEC generally and how to protect your organization, see Business email compromise best practices.
How to harden your O365 configuration
To help reduce the frequency and severity of these attacks, O365 administrators should take the following steps to mitigate the risk of a successful attack in the Office 365
• require multi-factor authentication
• limit or disable remote access
• use Microsoft’s Secure Score
• manage message forwarding
• turn on audit logging and mailbox auditing
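The following is an added example, not part of this page: an Exchange Online PowerShell script that checks the last three items in the list above (remote access via legacy POP/IMAP/SMTP AUTH, message forwarding, and audit logging/mailbox auditing) and prints the tenant-wide remediation commands in preview mode. It assumes the ExchangeOnlineManagement module is installed and the operator holds an Exchange administrator role; the output file name is a placeholder. Multi-factor authentication and Secure Score are configured in the Microsoft Entra and Defender portals rather than through these cmdlets, so they are not covered here.

```powershell
# Added example (not from the original page). Read-only audit of the forwarding,
# auditing and legacy-protocol settings an O365 admin should review after the
# hardening steps above. Assumes Install-Module ExchangeOnlineManagement and an
# account with an Exchange admin role.
Connect-ExchangeOnline

# 1. Tenant-wide settings. Each line notes the value a hardened tenant should show.
$auditCfg  = Get-AdminAuditLogConfig
$orgCfg    = Get-OrganizationConfig
$spamCfg   = Get-HostedOutboundSpamFilterPolicy -Identity Default
$transport = Get-TransportConfig

[pscustomobject]@{
    UnifiedAuditLogIngestionEnabled  = $auditCfg.UnifiedAuditLogIngestionEnabled    # want $true
    MailboxAuditDisabledTenantWide   = $orgCfg.AuditDisabled                        # want $false
    AutoForwardingMode               = $spamCfg.AutoForwardingMode                  # want 'Off'
    SmtpClientAuthenticationDisabled = $transport.SmtpClientAuthenticationDisabled  # want $true
} | Format-List

# 2. Per-mailbox findings: mailbox-level forwarding, inbox rules that forward,
#    redirect or silently delete mail (a common sign of a taken-over account),
#    and POP/IMAP still enabled on the mailbox.
$findings = foreach ($mbx in Get-Mailbox -ResultSize Unlimited) {
    $upn = $mbx.UserPrincipalName

    if ($mbx.ForwardingSmtpAddress -or $mbx.ForwardingAddress) {
        [pscustomobject]@{ Mailbox = $upn; Finding = 'MailboxForwarding'
                           Detail  = "$($mbx.ForwardingSmtpAddress)$($mbx.ForwardingAddress)" }
    }

    foreach ($rule in Get-InboxRule -Mailbox $upn) {
        if ($rule.ForwardTo -or $rule.ForwardAsAttachmentTo -or $rule.RedirectTo) {
            [pscustomobject]@{ Mailbox = $upn; Finding = 'ForwardingInboxRule'
                               Detail  = "$($rule.Name): $($rule.ForwardTo)$($rule.ForwardAsAttachmentTo)$($rule.RedirectTo)" }
        }
        if ($rule.DeleteMessage -and $rule.Enabled) {
            [pscustomobject]@{ Mailbox = $upn; Finding = 'DeleteInboxRule'; Detail = $rule.Name }
        }
    }

    $cas = Get-CASMailbox -Identity $upn
    if ($cas.PopEnabled -or $cas.ImapEnabled) {
        [pscustomobject]@{ Mailbox = $upn; Finding = 'LegacyProtocolEnabled'
                           Detail  = "POP=$($cas.PopEnabled) IMAP=$($cas.ImapEnabled)" }
    }
}

$findings | Sort-Object Finding, Mailbox | Format-Table -AutoSize
# Placeholder output path; change to suit your environment.
$findings | Export-Csv -Path .\o365-takeover-audit.csv -NoTypeInformation

# 3. Tenant-wide remediation, shown with -WhatIf so nothing changes until the
#    preview has been reviewed. Remove -WhatIf to apply.
Set-AdminAuditLogConfig -UnifiedAuditLogIngestionEnabled $true -WhatIf
Set-OrganizationConfig -AuditDisabled $false -WhatIf
Set-HostedOutboundSpamFilterPolicy -Identity Default -AutoForwardingMode Off -WhatIf

Disconnect-ExchangeOnline -Confirm:$false
```

Calling Get-InboxRule once per mailbox is slow in large tenants and is subject to Exchange Online throttling, so run it outside business hours or scope the Get-Mailbox call to a department first. Per-mailbox remediation (clearing a forwarding address, disabling a rule, or turning off POP/IMAP with Set-CASMailbox) should follow a review of the CSV rather than run blindly, since some forwarding is legitimate.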