General
The Login Authenticity Seal is a visual addition to legitimate Microsoft 365 login pages. This seal helps users verify that they are on the correct, official Microsoft 365 login page and not on a malicious phishing site.
The feature is part of a broader set that collectively forms Login Protection. Read the overarching story here: Attic Login Protection.
Rationale
AiTM attacks are advanced phishing techniques in which attackers create fake login pages that look identical to legitimate Microsoft 365 login pages. These attacks are especially dangerous because they can bypass traditional security measures such as multi-factor authentication.
As employees become more aware of this threat, the likelihood increases that they may hesitate about authenticity. A feature that allows them to validate authenticity themselves removes uncertainty and prevents productivity loss.
Attic Fix
For this check, an automated FIX is available! This fix does not rely on permissions in your Microsoft environment because the configuration is fully managed within the Attic system. It will therefore be offered regardless of your onboarding type in the Microsoft environment.
Impact
This change has the following impact on users and administrators:
- Users will see a visual seal on legitimate Microsoft 365 login pages
- The seal helps users verify they are on the correct login page, using the DSCM app in Microsoft Teams and Outlook
- Improved security awareness for users
Our advice is to introduce these measures along with a short training about the various visual cues Attic introduces in the login screen and how users should respond to them.
Comments
0 comments
Please sign in to leave a comment.