Protect Email by Disabling Auto-forward

Protect Email by Disabling Auto-forward
There are legitimate reasons why a company may allow auto-forwarding of business email. However, most of the time the best course of action is to simply disable this functionality. Through phishing attacks, hackers can gain access to a user’s mailbox and can forward email to an outside address and steal information.
Turning off the auto-forward function limits an attacker’s ability to silently forward all email to an external email account in the event they compromise an email account.
Below are methods to turn off or create rules for auto-forward.
Microsoft 365
Disable Automatic Forwarding

Open the "Admin centers" navigation tree on the left
Click "Exchange"
Click "mail flow"
Click "remote domains"
Ensure that the box for "Allow automatic forwarding" is not selected
Click "Save"

Create Mail-flow Rule
Click here to watch a video on how to set up this rule.

From the Microsoft 365 admin center, select Exchange, mail flow, and on the rules tab, select the plus sign and choose create a new rule.
Select More options. Name your new rule.
Then open the drop-down for apply this rule if, select the sender, and then is external internal.
Select Inside the organization, and then OK.
Choose add condition, open the drop-down, select The message properties, then include the message type.
Open the select message type drop-down, choose Auto-forward, then OK.
Open the Do the following drop-down, select Block the message, then reject the message and include an explanation.
Enter the message text for your explanation, then select OK.
Scroll to the bottom and select Save.

According to Microsoft, creating this rule prevents hackers from auto-forward messages.
Gmail

Turn off automatic forwarding
On your computer, open Gmail using the account you want to stop forwarding messages from.
In the top right, click Settings .
Click Settings.
Click the Forwarding and POP/IMAP tab.
In the "Forwarding" section, click Disable forwarding.
At the bottom, click Save Changes.

G Suite

Sign in to your Google Admin console. Sign in using an administrator account.
From the Admin console Home page, go to Apps > G Suite > Gmail > End User Access; Tip: To see End User Access, scroll to the bottom of the Gmail page.
In the Organizations section, highlight your domain or the organizational unit for which you want to configure settings (see Configure email settings for an organizational unit for more details).
In the Automatic Forwarding section, clear the check box Allow users to automatically forward email to another address.

Source: blog.alta.org