Outlook: Rule to display desktop alert

🚨 The Signal: Outlook now allows users to create rules for desktop alerts on specific emails. This feature, while improving user awareness, introduces a potential vector for social engineering and information disclosure if not managed carefully.

The Impact

End users are affected. The security risk is low: misused alerts could increase susceptibility to social engineering.

  • End users: May inadvertently draw attention to phishing attempts if rule criteria are too broad.
  • Security teams: Need to educate users on safe rule creation to avoid social engineering.
  • Admins: No direct administrative control, but awareness is key for user guidance.

The Action

  1. Educate users on creating specific and secure email rules, avoiding broad criteria that could alert on malicious emails.
  2. Reinforce existing security awareness training regarding phishing and social engineering tactics.
  3. Monitor for any reported incidents related to desktop alerts being triggered by suspicious emails.

Domain: M365-Apps · Impact: low · Workload: M365 Apps