Hunting for Phishing in Office 365

by | Mar 19, 2018 | Security | 0 comments

The scariest aspect of a phishing attack is that it only takes a single employee clicking on a PDF attachment or enabling macros on an Excel document for your business to be infiltrated. One compromised inbox can result in days or weeks of headaches for your IT department. A ransomware attack can cost you in money, time, and productivity. But the danger goes beyond employees just being click-happy.

How much should you worry about a Phishing attack on your organization?  

Microsoft has been making steady improvements to Office 365’s Advanced Threat Protection since 2015. Features such as safe links, URL detonation, Malware Quarantine, and near real-time reporting have been added. They have maintained a malware catch rate of over 99.9% and a file detonation time of under 50 seconds.

Through these improvements, as well as general education of the workforce, most traditional-style attacks can now be spotted by the layperson. Strange emails asking for login information or bank details are usually ignored and deleted. Generally, Nigerian princes are out of luck. But, bad actors have closely monitored the way Microsoft and end users have responded to traditional phishing attacks and adjusted their own methods accordingly.

Phishing, Spear-phishing, and Spoofing, Oh my!

The attacks have not stopped, they have only evolved. Phishing practices have been developed to exploit anything that makes you think an email is safe. They leverage refined techniques, like targeted attacks called spear-phishing, as well as impersonation methods called spoofing.

Spoofing has become extremely sophisticated, a single character difference in the email domain or recipient name can be the difference between legitimate communication and dangerous malware.  Your accounting department could get correspondence from a supplier inquiring about changing billing procedures, but if the email’s domain is just slightly inaccurate: you may be under attack. Your organization could be the target of a spear-phishing attempt trying to get your company’s bank details. But Microsoft is fighting back against these new threats.

In addition to general refinements Office 365’s Advanced Threat Protection, Microsoft has been working specifically on anti-impersonation enhancements. Using artificial intelligence and machine learning, they can understand your network and normal patterns of activty, flag suspicious senders, and protect your organization.

At Peters & Associates, we can examine all your Office 365 security controls, and make sure your organization is protected. Contact a representative for an Office 365 Security Review today at