Configure further Office 365 anti spam options

Enable 2FA where possible

  • Enable Multi-Factor or 2FA everywhere - you are harder to phish if its enabled

    • Consider hardware tokens universally, if not possible hardware for users that can make financial decisions. 

    • Software 2FA should be configured for all users

The following links provide additional information and details re Office 365’s extensive anti-spam configurations:

Using Transport Rule to get copies of emails:

Managing International Spam

On the International Spam settings, you can filter out email messages written in specific languages, or sent from specific countries or regions

Attachment Blocking

Ensuring RFC-compliant From addresses

Malware Detection Policy