Phishing Awareness Training for Office 365

Microsoft provide Phishing Awareness Training for Office 365 (delivered in partnership with Terranova Security).

Phishing Awareness Training is part of the Microsoft Defender security suite and is one of the many reasons that make Microsoft a compelling choice when it comes to security – if you weren’t already aware, Microsoft are leaders in 5 Gartner Magic Quadrants for security!

Phishing Awareness Training for Office 365 is called ‘Attack Simulation Training’ and is available in the Microsoft 365 Defender portal. It allows you to test your user’s awareness of this common scamming technique and provides learning tools to help them upskill.

Required Licencing to use Phishing Awareness Training for Office 365

Attack Simulation Training is included in the Microsoft Defender for Office 365 Plan 2 licence and is bundled with the following:

  • Microsoft 365 E5
  • Office 365 E5
  • Business Premium
  • Microsoft 365 E5 Security (add-on)
  • Microsoft 365 F5 Security (add-on)
  • Microsoft 365 F5 Security & Compliance (add-on)

Setup Phishing Awareness Training for Office 365

This article won’t go into the finer detail of how you setup the phishing awareness training ‘campaign’, but you should find it straight forward. You’ll find Attack simulation training under the ‘Email & collaboration’ section.

From there you can launch a one-time campaign from the ‘Simulations’ tab, or an on-going one from ‘Simulation automations’ tab:

The wizard will take you through the setup process. There are several phishing techniques that can be used:

These techniques come with ‘payloads’ (or emails) used to trick users into giving up personal information such as credentials or tigger malware. You can also create your own payloads.

You’ll then select your target users, launch dates, and run times, as well as assign training modules.

What does Phishing Awareness Training for Office 365 look like for your users

It all starts with an email (payload) to trick your users. Here’s an example:

In this example (there are many based on the chosen payload), if the user follows the sign-in link, they will be presented with a typical looking Microsoft sign-in page where they can enter their username and password!

And if they do, they will be presented with the following message that lets them know they could have been phished. If you assigned training, they have the option to view that too:

Training reminders are also sent to the user’s inbox. The reminders also come with a handy calendar attachment (.ics file) that allows them to quickly schedule the training in their calendar:

 

Phishing Awareness Training for Office 365 assignments

When you click through to complete the training you will be presented with a list of assignments.

Phishing Awareness Training for Office 365 modules

The following are a couple of examples of the training modules that users are taken through.

Example 1 – Mass Market Phishing

Example 2 – Web Phishing

Reporting

 

Andrew Morpethhttps://ucgeek.co/author/amorpeth/
Andrew is a Modern Workplace Consultant specialising in Microsoft technologies based in Auckland, New Zealand; Andrew is a Director and Professional Services Manager at Lucidity Cloud Services and a Microsoft MVP.

Related Articles

Allow Microsoft Teams Auto Attendants and Calls Queues to make external calls

This helper script will help you check and configure Microsoft Teams Auto Attendants and Call Queues to make external calls. View on GitHub here. https://github.com/ucgeek/Microsoft-Teams-AA-and-Queue-Voice-Policy-Helper  

Azure Virtual Desktop vs Windows 365

Azure Virtual Desktop and Windows 365 are both cloud-based virtual desktop technologies provided by Microsoft. In this article we'll look at some of the key Azure Virtual Desktop vs Windows 365 differences.

Phishing Awareness Training for Office 365

Phishing Awareness Training for Office 365 is available in Microsoft Defender. It can test your user's awareness of this common scamming technique and provide learning tools to help them upskill.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Andrew Morpethhttps://ucgeek.co/author/amorpeth/
Andrew is a Modern Workplace Consultant specialising in Microsoft technologies based in Auckland, New Zealand; Andrew is a Director and Professional Services Manager at Lucidity Cloud Services and a Microsoft MVP.

Latest Articles

Allow Microsoft Teams Auto Attendants and Calls Queues to make external calls

This helper script will help you check and configure Microsoft Teams Auto Attendants and Call Queues to make external calls. View on GitHub here. https://github.com/ucgeek/Microsoft-Teams-AA-and-Queue-Voice-Policy-Helper  

Azure Virtual Desktop vs Windows 365

Azure Virtual Desktop and Windows 365 are both cloud-based virtual desktop technologies provided by Microsoft. In this article we'll look at some of the key Azure Virtual Desktop vs Windows 365 differences.

Phishing Awareness Training for Office 365

Phishing Awareness Training for Office 365 is available in Microsoft Defender. It can test your user's awareness of this common scamming technique and provide learning tools to help them upskill.

Azure Virtual Desktop & Windows 365 Licencing Requirements

This article details the Microsoft Azure Virtual Desktop and Windows 365 licencing requirements.

Azure Virtual Desktop Review

This Azure Virtual Desktop review reveals a virtual desktop solution ready for the modern workplace. It's modern, fast, and scalable.