Do users' access to other mailboxes pose severe security risks?
When a user accesses another mailbox within an organization, several security concerns may arise, including the following:
- Microsoft 365 external access If any external/guest users have access to other Exchange Online mailboxes, there is a possibility of accessing any sensitive information from the respective mailbox.
- Using suspicious IPs If an Microsoft 365 user accesses other mailboxes from an unusual IP address, the possibility of data breaches is greater.
- Multiple mailbox logins from the same user If a user sign-in to the delegated mailbox multiple times within a short period, it might indicate malicious mailbox access.
- Prone to Microsoft 365 phishing attacks Unknowingly, non-owners may respond to phishing emails which results in the stealing of credentials by the hackers.
Access from suspicious IP addresses may cause serious threats to a Microsoft 365 organization!
Using AdminDroid, you can easily find the IP address of a specific Exchange Online mailbox non-owner access event.
To find the IP address of a particular Microsoft 365 non-owner access activity, you can check the Client IP property from the Mailbox Non-Owner Access report. Additionally, you can rearrange the available properties as per your need by clicking on the Customize Columns icon.