We are getting phishing emails for Office365 credentials that make it through the ECOS filter. I've chatted with helpdesk and they had me submit samples to samples@eset.com My question is "How does the filter check for phishing?" These emails were blatantly phishing emails. I've seen other emails where the creators were creative and made it past the filter but these were obvious.
Are they only checked by known sender?
Is the content of the email not checked?
Just curious.