Microsoft is making significant changes to its Microsoft 365 subscription, with one of its biggest privacy features set to be removed by the end of this month.

The built-in Virtual Private Network (VPN), which was previously available through the Microsoft Defender app, will no longer be a part of the subscription service from 28th February 2025.

The decision to discontinue the VPN just so happens to coincide with the recent increase in Microsoft 365 subscription fees. While Microsoft has introduced new AI-powered features, businesses relying on the built-in VPN for security and privacy will now need to find an alternative.

Microsoft 365 VPN to Be Discontinued

While the built in VPN was admittedly not the most advanced service and although it did not come with all the bells and whistles one would get from a more sophisticated option, users still greatly benefitted from having an easily available way to protect themselves when browsing the web.

Now, only a few years after it first became available, a Microsoft support statement was released explaining the rationale behind this move. The statement said, “Our goal is to ensure you, and your family remain safer online. We routinely evaluate the usage and effectiveness of our features. As such, we are removing the privacy protection feature and will invest in new areas that will better align to customer needs”

Why Businesses Should Invest in a Private VPN

It should be noted that at the moment, the removal of the VPN is only affecting Personal and Family 365 packages. But it does beg the question: If Microsoft can remove VPN privileges from these users, what would stop it from doing the same to businesses?

With Microsoft withdrawing its VPN offering to some users, businesses should be considering third-party VPN solutions, if they don’t already have such a system in place. With cybersecurity threats constantly on the rise, businesses can’t afford to suddenly lose access to important security tools (or be forced to make extra space in their budgets, at the drop of a hat).

While Microsoft’s VPN is a convenient addition, it was never designed to provide the best or most sophisticated enterprise-grade protection. But a private VPN service does provide several key advantages that Microsoft cannot:

• A business-grade VPN uses stronger encryption protocols and security measures to protect company data from cyber threats.
• Unlike Microsoft’s VPN, which is automatically assigned a region, private VPNs allow businesses to choose their server locations, ensuring unrestricted access to global resources.
• With stricter GDPR regulations in the UK, businesses must ensure their data is encrypted and secure at all times. A private VPN helps maintain compliance by safeguarding sensitive information.

For UK businesses concerned about privacy, the removal of Microsoft 365’s VPN should serve as a wake-up call to invest in a more robust and reliable alternative.

It is more important than ever before for business owners to take proactive steps towards protecting their digital security in an increasingly threat-prone online landscape.

And 24/7 IT Services can help you do just that. With our approach to IT Security Solutions and our expansive Managed IT Support Services, we can help you ensure that your online data stays secure and your IT needs met. Contact us today for more information.

The post Microsoft 365 Drops VPN Feature for Some Users appeared first on 247 IT Services.

This week, Microsoft 365 admins received warnings from Microsoft about authenticating their outgoing email messages. The announcement comes in response to Google implementing new strict anti-spam rules that are going to affect admins using business Microsoft 365 Outlook accounts to send bulk messages.

In recent years, spam email messages have gotten out of control and email providers have had a hard time preventing the spam from slipping through the cracks.

And like many other email providers, the ongoing issue around unwanted emails had forced Google to now take a harder stance towards the onslaught of spam.

How Spam has Become a Threat to Web Users

There are plenty of reasons why spam emails can be incredibly problematic to those who get them.

In the past, spam was just an overly eager, really annoying marketing technique, but these days spam has become a tool used by hackers and scammers, who use the trust of email recipients to gain personal data.

Spam emails usually contain phishing scams, which are designed to mimic legitimate communication from institutions, or they contain links to malware or viruses. The goal of such emails is to gain certain information from the reader which can then be used to cause harm.

Spam emails can also inundate inboxes to such an extent that it becomes almost impossible to see what is a legitimate message and what is not, causing important emails to go unanswered.

Moreover, having your business email address associated with spam can tarnish your online reputation, impacting your ability to interact effectively with clients.

Microsoft’s Warning to 365 Users

With the new spam rules, website owners and admins are being encouraged to authenticate their domains so that they won’t be rejected by web email providers.

The Microsoft Defender for Office 365 team said “By setting up email authentication for your domain, you can ensure that your messages are less likely to be rejected or marked as spam by email providers like Gmail, Yahoo, AOL, and Outlook.com”.

The team further said that authenticating is vitally important for those who are sending out bulk emails, which might just show up as spam because they are being sent in a large quantity.

Microsoft also used this opportunity to remind users that the 365 service should not be used as a bulk mailing service and said that those doing so were not following the sending limits and as such could be blocked or flagged as high risk.

The company said that those who wish to send bulk emails should rather use their own email servers or make use of a mass mail provider, to ensure that they are able to adhere to the best emailing practices.

Being flagged as spam is a nightmare for businesses as it not only prevents any marketing emails from going through but it can also prevent your day to day business emails from going out to your clients.

*

Need help from IT professionals? At 24/7 IT Services, we have a team of IT experts who can help with everything from creating and implementing a business continuity plan that you can rely on to handling your IT security, and we can also give you expert advice about your Microsoft 365 accounts. Contact us today for more information.

The post Microsoft 365 admins Receive Warning about New Spam Email Rules appeared first on 247 IT Services.

This highly sophisticated tool was first created in the middle of 2022 and in a relatively short time, Greatness has gained a lot of malicious users.

Companies in the UK, Australia, Canada, the United States and South Africa have fallen victim to this phishing scam, and the specific industries that are being affected cover a wide area and include construction, finance, healthcare, real estate, manufacturing and education, all industries with plenty of sensitive data.

How Greatness Works

The setup is so simple that any criminal can use it, which is a huge part of the problem as it gives even entry level hackers the opportunity to steal. Hackers need only log into the tool, supply it with their unique API key and give the tool a list of the email addresses that they wish to target. From there the hacker can create a personalised email message, one that sounds authentic and Greatness will do the rest.

For those that are unfortunately duped, the tool will be triggered when the attachment is opened, and after that a landing page will be created. The page is automated, and it will use the target’s log and a background image, easily mimicking a Microsoft 365 login page. Not only will the page look legitimate, but it will also be filled with the right email address, which can further make the target believe that everything is in order.

The fake landing page is actually a smokescreen of sorts, and it sits between the user and the actual Microsoft 365 account login page. It is pretty simple from there, as the user will enter their personal information to access what they think is their Microsoft account, and in reality they will be sending their information directly to the hacker who will then be able to log into the account and steal what they like.

You might be thinking, but what about the multi-factor login authentication that Microsoft has in place to secure accounts?

Greatness is a sophisticated tool, as we said, and its developers have found a way to sidestep this security by accessing the authentication popup and requesting the MFA code. The user essentially won’t realise that they are sharing their security code. When the user enters the code, the hacker will access the session via Telegram, work around the MFA and gain access.

At this point, Greatness is being used almost exclusively to steal data from Microsoft 365 accounts. And this is precisely why Microsoft is raising the alarm.

To avoid being scammed by a tool like this, it is important to always be cautious when entering your details on just any sort of landing page. Whenever you receive an unusual looking email, it is worth taking the time to Google the address and to try to find out if it is something legitimate. And if you are not expecting an email that will prompt you to log into your Microsoft 365 account, don’t enter your details on just any attachment. You should also always make sure that you are running the most up to date version of whatever antivirus programme you have installed.

*

At 24/4 IT Services, we provide a range of general and specialist services to our clients, including IT security solutions. If you need to relook at your IT security setup, you can contact our team today to request a quotation or a consultation.

The post New Phishing Scam Threatens Microsoft Users appeared first on 247 IT Services.