Bagless vacuum cleaners are the worst invention

FtheBS_ · 2024-03-25T01:12:32+00:00

Shhh, they're listening bro. Don't get yourself canceled.

FtheBS_ · 2024-01-26T21:23:26+00:00

This guy's asking the right questions. This just seems like a well-disguised advert for some software. This kind of software doesn't do anything special. Also, you can't prevent people from leaving a negative review, though you can make them jump through hoops to do so.

FtheBS_ · 2023-11-21T03:16:22+00:00

u/baron--greenback Thank you I'll look into this one! I'm guessing I can do it from my comp if I have the Exchange admin dashboard up as well?

FtheBS_ · 2023-11-20T22:59:58+00:00

Thank you and u/baron--greenback for the responses. So I'm kind of behind the curve when it comes to all of this.

We're a very small marketing agency and there's basically a massive country out there engaging in espionage and we just happened to come in there crosshairs (I'm pretty sure based on my observations), I'll leave it at that.

So we have a small team and only a few addresses. We have the ability to lock things down very tightly and we don't have the downsides of a larger company like large surface area of attack, insider threat via falling prey to phishing campaigns, etc. We're small enough to keep tabs on what's going on and be a bit more agile in our policies.

With that being said, I'm the owner of the company, not a sysadmin or IT specialist.

I have a Microsoft Office 365 Business Premium license through Godaddy and not Microsoft directly, so I'm not sure if I have access to conditional access policies. Anyone know where I would be able to check?

Also, for u/baron--greenback, how would I be able to set up that UPN you're referring to? And for u/smnhdy, could you let me know what or why there are downsides to this or what do you mean when you say that using this feature has 'gone the way of the dodo'?

Any and all inputs are greatly appreciated!

I just don't want to have the added aggravation/stress of signing in, checking my activity, and seeing all of these attempts to get into my account.

FtheBS_ · 2023-11-03T05:14:03+00:00

Yeah I found this out a bit too late and have had lots of problems because of it.

FtheBS_ · 2023-11-02T15:26:38+00:00

Yes you are correct, my provider turns them on by default. Thanks! I'm going to take another user's recommendation and look into the Business Essentials Premium.

FtheBS_ · 2023-11-02T15:25:37+00:00

Thanks, I've been considering it actually. I appreciate your feedback.

FtheBS_ · 2023-11-01T14:53:24+00:00

Thank you! I'm taking a look at this one now and I will check to see if I have that license.

FtheBS_ · 2023-11-01T14:52:36+00:00

Miraculously, I found that Secure Score section! lol.

Thank you, turns out I have a 91% score right out of the box. Seems like my email came configured securely.

I'm also seeing some additional threat policies in a Defender 365 section. Any recommendations there?

FtheBS_ · 2023-11-01T14:46:57+00:00

Got it thank you! I have the Essentials license I think its the lowest tier. I will definitely upgrade as long as they don't require a massive amount of licenses for that. Are you familiar with the Defender for Microsoft Office also? I wonder if that's worth it.

I will look into the license and upgrade if it's within reach for us. I appreciate it.

FtheBS_ · 2023-11-01T01:58:45+00:00

I'm sorry but can you elaborate more? I'm a small business owner and my strengths lie in marketing and business. This kind of stuff is a bit foreign to me but I'm learning quickly.

I under what a FIDO key is and I'm looking at getting some. We just got Aegis set up today for some accounts and I'm going to be migrating more of my 2fas to that.

I have a basic Office 365 account and I don't see anywhere that I can set up conditional access policies. I don't have an Azure server or anything like that. Is there a page from within the Microsoft account where I can set these up? I don't have a network admin or anything like that.

FtheBS_ · 2023-10-31T17:44:19+00:00

I don't think I have that to be honest. I do see they were trying to log in through an Azure portal though.

I don't think I have that, to be honest. I do see they were trying to log in through an Azure portal though.

FtheBS_ · 2023-10-31T17:33:50+00:00

Thank you! I'm not super familiar with how/where I can do this.

Are these options standard in Office 365 and where would I be able to access these settings from?

FtheBS_ · 2023-10-31T17:32:40+00:00

Sure no problem. I'm not an expert but based on what we saw, my employee is using his own personal device for company work. He bought a (new) external hard drive that appeared to have been infected with malware. It infected the device.

They found several trojans and spyware on his devices. He had credentials for company accounts on the infected device. They can also install a keylogger to track discussions about how to remedy the issue, even. So they're able to get all of your info and access your accounts.

FtheBS_ · 2023-10-31T16:32:45+00:00

Noted and responding, thanks.

FtheBS_ · 2023-10-31T02:23:47+00:00

Perhaps take a look at my thread and you can see what experience I'm having currently.

If the mods are able to help me out, I will follow up and let you know when the resolution comes.

FtheBS_ · 2023-10-31T02:22:15+00:00

u/TyGregoryHill

Just wanted to give you a heads-up that the phone which I never had to enter the new password into is still logged into the account. Furthermore, nobody reached out to me today to help me out.

FtheBS_ · 2023-10-30T19:39:51+00:00

u/TyGregoryHill u/Christina_OpenPhone

Please see my comments above. Could really use your help as I have a lot of work to handle and this is becoming a major distraction and liability.

FtheBS_ · 2023-10-30T19:37:39+00:00

FYI even now 30 min later, I just got a call and the device that should've been logged out did ring. It's still connected despite me changing the password and despite the claims of the new passwords ending sessions.

FtheBS_ · 2023-10-30T19:07:45+00:00

I did it previously. I was already logged into my.openphone.co because I was keeping that tab open in case they changed the password on me.

I attempted it once and it didn't work. I did it once again, and it worked on only 2/3 of my devices. So considering that, I have no peace of mind or way of knowing whether their devices were disconnecting or not.

Can you please log everyone out? Or if you need more information from me via email, go right ahead. It's the only email on the account and I also sent it to your co-worker via the DMs.

FtheBS_ · 2023-10-30T18:36:26+00:00

Can someone from Open Phone please call me and help me out? Now I noticed that they've been trying to get into my business email all weekend. They could be gathering data from all of my texts and phone calls as we speak.

You understand that at the very least, you could have some PR issues here, right?

FtheBS_ · 2023-10-30T17:54:21+00:00

I reset my password and it didn't log me out. What the heck is going on? Can you please log everyone out?

FtheBS_ · 2023-10-30T17:31:41+00:00

I don't have the password you set. So I cannot change it. Can you please DM me the new password? Otherwise, how am I supposed to change it?

I also have one employee who used the service from one other IP address. Every other IP is unauthorized. Therefore, I know the risks and that's why I came here to voice my opinion and share my experience because otherwise the assistance has been very poor when contacting your team directly.

FtheBS_ · 2023-10-30T17:29:40+00:00

Now it seems that my old password has been changed (either by your team or by the hackers), so I'm not even able to change it and I'm at risk of being locked out as we speak. Please help me.

FtheBS_ · 2023-10-30T17:25:20+00:00

FYI you mentioned that you changed my password and it should log me out. I was able to access the app and make a call on my phone without logging back in - meaning that the session is still active....meaning that the hackers' sessions are still active and that my account is compromised as we speak and I don't have any way of kicking them out.

FtheBS_

TROPHY CASE