Phishing attempts for Office 365 are a serious problem, and as of late, seem to be increasing.
If you ever receive an email that states there is a “problem” with your Office 365 account and you need to log in to fix it, you are being phished. If you ever receive an email that gives you a link to a document and asks you to login, you are being phished.
Never enter your username and password into any website without 100% certainty that it is the correct Office 365 website. If you ever have any doubts or concerns about an email message, please call me, or forward the email to me first.
There is no “Hacking” involved in getting a user to give you their username and password. Therefor there is no firewall or security measure to prevent this.
The best method of protection in these cases it to enable Two Factor Authentication. This involves having Microsoft send a code to your phone to verify the person logging-in is you. This can be somewhat of a hassle when trying to login but this is currently the only method of protection.
Please contact me if you are interested in setting this up for your accounts. This takes time to setup and direct one on one user interaction with me.