---
title: "More Bad News for Microsoft 365 Users | Phish Protection"
description: "As we"
image: "https://phishprotection.com/og/blog/more-bad-news-for-microsoft-365-users.png"
canonical: "https://phishprotection.com/blog/more-bad-news-for-microsoft-365-users/"
---

Quick Answer

As we've written about many times before, \[Microsoft Office 365's native security\](/blog/think-office-365-will-protect-you-from-phishing-think-again/) does \*\*not do a very good job\*\* of protecting you from phishing attacks which makes \[Office 365 extremely vulnerable\](/blog/one-more-reason-why-office-365-is-so-vulnerable-to-phishing-attacks/) to them. Now comes \[news\](https://betanews.com/2020/05/11/microsoft-365-phishing/) of a targeted email \_phishing attack specifically designed to bypass the already vulnerable Office 365 security\_.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fmore-bad-news-for-microsoft-365-users%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=More%20Bad%20News%20for%20Microsoft%20365%20Users&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fmore-bad-news-for-microsoft-365-users%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fmore-bad-news-for-microsoft-365-users%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fmore-bad-news-for-microsoft-365-users%2F&title=More%20Bad%20News%20for%20Microsoft%20365%20Users "Share on Reddit") [ ](mailto:?subject=More%20Bad%20News%20for%20Microsoft%20365%20Users&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fmore-bad-news-for-microsoft-365-users%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2020/05/spear-phishing-prevention-8319.jpg) 

As we’ve written about many times before, [Microsoft Office 365’s native security](/blog/think-office-365-will-protect-you-from-phishing-think-again/) does **not do a very good job** of protecting you from phishing attacks which makes [Office 365 extremely vulnerable](/blog/one-more-reason-why-office-365-is-so-vulnerable-to-phishing-attacks/) to them. Now comes [news](https://betanews.com/2020/05/11/microsoft-365-phishing/) of a targeted email _phishing attack specifically designed to bypass the already vulnerable Office 365 security_.

“The attack is a variant of ‘PerSwaysion’, a recent spate of credential **phishing attacks** that utilize compromised accounts and _leverage Microsoft file-sharing services to lull victims into a false sense of security_.”

![Spear phishing prevention](https://media.mailhop.org/phishprotection/images/2020/05/spear-phishing-prevention-8319.jpg) 

The culprit here is Microsoft’s file hosting service OneDrive, which is used as the **main conduit** for the phishing attack. “By using OneNote to host the final OneDrive **phishing link** the people behind the attack hope to convince victims to hand over their credentials. The attackers also created a new domain for the link in this attack, so _it got past any filters that were created to block known bad links_. The link in the email led to multiple web pages that were painstakingly made to **resemble legitimate** Microsoft pages.”

This is a classic example of why Microsoft is such a big target and why they are so **vulnerable to phishing attacks**. _Microsoft’s attack surface is so large, hackers only have to replicate a small portion of it_, leaving the remainder intact. Since only a “portion” is malicious, while the rest is legitimate, it’s almost impossible for users, and apparently Microsoft’s own security, to detect it and therefore the phishing emails get through. It’s also why, if you use Office 365 and you really want to protect yourself from phishing attacks, you’re going to have to go outside the Microsoft family to do so.

![Anti phishing protection](https://media.mailhop.org/phishprotection/images/2020/05/anti-phishing-protection-5804.jpg) 

_The best way to augment Office 365’s native security is with **cloud-based email security**_ like that available from Phish Protection. What makes Phish Protection so effective in [protecting Office 365](/office-365-phishing-protection/) is that it’s outside Microsoft’s attack surface. It can therefore objectively analyze all emails regardless of where the linked-to page resides and evaluate it on its own merits. _By analyzing emails before they cross the Microsoft “threshold,” Phish Protection provides the security Microsoft can’t seem to_.

[Phish Protection](/) requires no hardware, software or maintenance. It sets up in 10 minutes, _works with all the major email providers including Office 365 and only costs pennies per user per month_.

If you’re already committed to Office 365 and you don’t want to be a statistic, _try Phish Protection **free for 60 days**_.

## Topics

[ Phishing ](/tags/phishing/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Foundational 5m  0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks  Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[  Foundational 4m  13 Spear Phishing Attacks Examples To Justify Investment For Phishing Prevention Solutions In Your Organization  Aug 1, 2019 ](/blog/13-spear-phishing-attacks-examples-to-justify-investment-for-phishing-prevention-solutions-in-your-organization/)[  Foundational 4m  All 14 centers of Kettering Health were affected by a massive ransomware attack, Major outage in the Ohio medical center  May 23, 2025 ](/blog/14-centers-of-kettering-health-were-affected-by-massive-ransomware-attack-in-ohio-medical-center/)[  Foundational 4m  2021 Phishing Trends You Need To Be Wary Of  Aug 2, 2021 ](/blog/2021-phishing-trends-to-be-wary-of/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"More Bad News for Microsoft 365 Users","description":"As we've written about many times before, Microsoft Office 365's native security does not do a very good job of protecting you from phishing attacks which.","url":"https://phishprotection.com/blog/more-bad-news-for-microsoft-365-users/","datePublished":"2020-05-20T13:01:16.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2020-05-20T13:01:16.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/more-bad-news-for-microsoft-365-users/"},"articleSection":"foundational","keywords":"Phishing","wordCount":419,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2020/05/spear-phishing-prevention-8319.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"More Bad News for Microsoft 365 Users","item":"https://phishprotection.com/blog/more-bad-news-for-microsoft-365-users/"}]}
```