TTPwire Vol. 1 · MITRE ATT&CK·Tagged

Black Hills InfoSec

Stop Spoofing Yourself! Disabling M365 Direct Send

BHIS · 2025-08-20

ATT&CK techniques detected

3 predictions
T1566.002 Spearphishing Link
98%
"##tpserver sometestdomain - com. mail. protection. outlook. com - from [ email protected ] - to [ email protected ] - subject “ did it work? ” - body “ this is a test of direct send. ” important : there are some caveats to testing, especially “ your isp must allow outbound tcp po…"
T1566.002 Spearphishing Link
61%
"stop spoofing yourself! disabling m365 direct send stop spoofing yourself! disabling m365 direct send remember the good ‘ ol days of zip drives, winamp, the advent of “ office 365, ” and copy machines that didn ’ t understand email authentication? okay, maybe they weren ’ t so go…"
T1586.002 Email Accounts
53%
"else inside your organization. lately, we ’ ve seen the threat actors claim that they ’ ve “ hacked ” your account to gain access to your mailbox, when in fact they ’ ve just sent you email as yourself via direct send! thanks to microsoft, no hacking required! it ’ s important to…"

Summary

Remember the good ‘ol days of Zip drives, Winamp, the advent of “Office 365,” and copy machines that didn’t understand email authentication? Okay, maybe they weren’t so good! For a […]

The post Stop Spoofing Yourself! Disabling M365 Direct Send appeared first on Black Hills Information Security, Inc.