Phishing email become annoying and dangerous, not surprisingly, you or anyone around may receive phishing email. Been working closely with Microsoft, here are some suggestion or approach we can use to cope with them within Office 365 environment.
If you receive the phishing email from your internal Office 365 organisation sender, you need to do the following as soon as possible
1. Change the OWA password for the affected users.
2. Disable Active Sync on the affected mailboxes.
3. Inform the affected users to delete the Office 365 email account from all the phone devices where its configured.
4. After 6 hours, enable ActiveSync on the affected mailboxes.
5. Inform the affected users to re-configure their Office 365 email account on their devices.
6. Submit Spam, non-spam, and phishing scam messages to Microsoft for analysis:
Educating users also play important role in preventing phishing email. Generally, Microsoft or government wouldn't send you the email to enter username and password.