troubleshooting Question

office365 email compromise

Avatar of Pau Lo
Pau Lo asked on
ExchangeMicrosoft 365OutlookSecurity
5 Comments2 Solutions95 ViewsLast Modified:
If someone has compromised as in gained unauthorised access) to an Office365 email account, for the purposes of data access, is there anyway they could lead emails out to an external address without it leaving a trace in the tracking logs? With such an attack how is it likely the attacker would make use of the access they have achieved through whatever compromise, to read/use the data? It seems a bit simplistic to me to just start forwarding them outwards, but I am not sure how these attacks happen and what exactly it is they would do with their access once achieved (and how to determine what if anything they did do once access was achieved).
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 2 Answers and 5 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 5 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros