Skip to main content

Tip #22: There’s a Setting That Lets Hackers Read Your Email in Silence

May 26, 2026

Block External Auto-Forwarding in Microsoft 365

A single overlooked setting in Microsoft 365 can allow emails to be silently copied to an outside address for months. Check to ensure that it’s closed.

What to Do

  • Ask your IT provider: “Is external auto-forwarding blocked in our Microsoft 365 environment?”
  • If not, have them disable it at the tenant level. This is a quick change that applies to all users instantly.
  • While they’re in there, have them audit existing mailbox rules for any suspicious forwards already in place.

How to Know It’s Done

  • External auto-forwarding is disabled at the tenant level.
  • Mailbox rules have been reviewed across employee accounts for anything unexpected.