Office - 365 Playbook


CEO Scam or Business Email Compromise (BEC) has been around for many years and there has always been an impression that email spam is well-controlled. However, phishing and BEC attacks require special attention as an increasing number of organizations move their email service to software as a service (SaaS) platforms like Microsoft Office 365 (O365) or Google G Suite. BEC scams are initiated through phishing kits designed specifically to mimic cloud-based email services in order to collect credentials from victims.

This Incident Response (IR) Playbook addresses IR issues on the fast-expanding usage of O365 SaaS application. Blackpanda prepared this playbook based on our experience in handling these kinds of incidents in order to help end-users or system and security administrators take the necessary mitigating actions when phishing emails or suspicious BEC activities are found.

Copyright © 2020 Blackpanda.
All Rights Reserved.


Room 37, Level 5, Core F

Cyberport 3

100 Cyberport Rd

Hong Kong

+852 6975 1099


6 Raffles Quay
Singapore (048580)

+65 6692 9110


301, 2-7-18

Nishiazabu Minato-ku

Tokyo 106-0031

+81 80 2077 9824


D1-U3A-6 Solaris Dutamas

Jalan Dutamas 1

50480 Kuala Lumpur

+60 3 6206 2582


Penthouse, World Plaza Bldg.

5th Ave., Bonifacio Global City

Taguig City 1634

+63 2 8250 6110

  • LinkedIn
  • Facebook
  • Twitter