Office 365 Business Email Compromise Investigation

Microsoft Office 365 Phishing Attack Investigation

Office 365 Phishing attacks are on the rise, spear phishing and social engineering methods are used to steal O365 user data, including login credentials. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email that contains a URL to share a file via sharepoint. Office 365 attacks are classified as Spear phishing  that consist of email spoofing attacks, targeting a specific organization or individual, seeking unauthorized access to sensitive information such as email accounts or file share. Hackers are targeting large organisations that run on office365 and specific targets are group mailboxes. Digitpol investigates hacked office 365 accounts and O365 fraud on a daily basis and can identify if hackers are still active within an organisation and identify how the attack took place.

Office 365 Phishing Attack Investigation

Digitpol's Cyber and Fraud Team are certified examiners and can assist to all cases related to Office 365 and Email phishing attacks, email scams and fraud. Digitpol can deploy computer forensic examiners to investigate the hack, determine how it took place and report the findings, Digitpol ensures that hackers are not active in your network and ensure your user accounts policies and rules are configured correctly to prevent further attacks. The following points are the first in each O356 attack investigation.

  • Forensic analysis of logs using certified analysis tools, all O365 IP and registry logs with operations such as, User Logged-In logs / User Login Failed / Inbox Rules / change of Inbox rules or policies / change passwords of Microsoft Office365 accounts involved in the attack and suspected accounts or all accounts.
  • If an account holder was hacked by content, attachment or phishing email, we can conduct forensic analysis on suspected emails, headers related to the attack, outgoing and incoming. Email Files are required in raw format (.msg or .eml files).
  • Forensic examination of targeted computers, phones, tablets, forensic analysis of devices to discover malware or active intruders.
  • Server / On-site exchange forensic analysis.

If your company has been targeted by an MS Office 365 phishing attack, we can help you, but only if you act fast!

Are you effected by a O365 Phishing Attack? 

If a phishing attack happens to you, you need to respond quickly. Phishing attacks and email fraud can lead to major disruption and financial disasters.

If you encounter or believe that you have been the victim of online or internet fraud (i.e. phishing, fraudulent text messages etc.), please send an email to Be sure to attach any supporting documentation such as copies of suspicious emails, text messages and questionable links/URLs.

Digitpol is available 24/7.

Phone: +31558448040 / +85239733884

Request Assistance