In early 2017, the world was introduced to a form of domain spoofing which is almost impossible to spot with human eyes. Major internet browser vendors were quick to build capabilities which could detect these occurrences. However, when it came to email, most still lag behind today.
We get it, you migrated to Office 365 and low and behold it has its own built in email security capability. Thats handy, no more need for a separate solution, Microsoft can handle it for you, right?
Email fraud or using email as a mechanism for breach has been around for almost as long as the existence of email itself. From the moment of its creation, there have been those who seek to use it for nefarious purposes.