Outlook: Reply with a Template in Rules
🚨 The Signal: Outlook rules can now automatically reply using templates. This introduces a risk of information disclosure or phishing if templates contain sensitive data or are misused by compromised accounts.
The Impact
All users are affected, with a moderate risk of unintended information disclosure or phishing if not properly managed.
- End Users: Risk of accidental sensitive data exposure via automated replies.
- Security Team: Increased surface area for phishing attacks if templates are weaponised.
- Admins: Need to monitor and potentially restrict automated reply capabilities.
- Compliance Officers: Risk of non-compliance with data handling policies.
The Action
- Review existing email policies for automated replies and template usage.
- Educate users on the risks of including sensitive information in reply templates.
- Consider implementing Data Loss Prevention (DLP) policies to scan outgoing automated replies.
- Monitor audit logs for unusual rule creation or modification activities.
- Evaluate if specific user groups require restrictions on this feature via Exchange Online PowerShell.
Domain: Exchange · Impact: medium · Workload: Exchange Online