Preventing Office 365 phishing attacks


The highly successful Microsoft Office 365 platform, which now has 258 million corporate users, has become a rich target for sophisticated phishing attacks. Thanks to Office 365, Microsoft was the most imitated brand in phishing attacks in 2019. Office 365, now Microsoft 365, is a multisystem platform that incorporates email, file storage, collaboration, and productivity software, such as OneDrive and SharePoint. Together these services hold a store of confidential data and files that phishers are trying to take advantage of.

What is Phishing?

Phishing is an email attack that attempts to steal confidential information using messages that appear to come from a legitimate source but actually come from cybercriminals. Attackers send emails that seem to be from Microsoft or other vendors with whom users have daily contact, containing urgent requests designed to steal a user’s credentials. Common phishing scenarios include requests to update billing details, pay a past-due invoice, retrieve a voicemail, and change a password. Attackers will also try to convince you to open a fake attachment that downloads malware onto your system, enabling them to remotely access your computer or encrypt your data.

Phishing is classified into many types:

  • Spear phishing uses targeted, personalized content that is tailored to the individual recipients.
  • Whaling is aimed at executives or other high-value goals within a company.
  • Business email compromise (BEC) uses forged trusted senders to deceive recipients into accepting payments, transferring money, or disclosing personal information.
  • Ransomware, which encrypts your data and demands payment to unlock it, almost always begins with phishing emails.

How do we stop our team from receiving or responding to phishing emails?

Many of the standard security countermeasures provided by Exchange Online Protection (EOP) are bypassed by Office 365 phishing attacks. When it comes to Office 365 phishing attacks, two risk reduction approaches are effective.

  • User awareness training – Limiting a company’s exposure to malicious organizations threatening to phish for sensitive information requires being proactive. End users are the first line of defense when it comes to avoiding phishing attacks. They are, however, often your weakest link. Educating end-users about phishing attempts raises their consciousness and makes it easier for them to identify fake email when they receive it. Furthermore, training should not be limited to one-time sessions or simulated phishing exercises. The phishing email involving Microsoft Office 365 will not be the last of its kind. Every day, cybercriminals devise new ways to trick workers into divulging confidential information, and the most successful way to mitigate these risks is through ongoing training.
  • Office 365 Advanced Threat Protection – Advanced Threat Protection (ATP) can help secure your mailboxes, files, online storage, and applications in real time from new, sophisticated attacks. Its default controls are fairly successful at identifying phishing emails that imitate your users, domains, and external contacts. Office 365 Advanced Threat Protection is a phishing protection platform in Office 365 that works in three ways to fight cybercriminals:
  1. Safe Links – Safe Links double-checks any link in an email at the time you click it to see if you’re about to be taken to a dangerous website. Malicious links are dynamically blocked while good links can be accessed, and Office 365 ATP Safe Links protection remains in place every time a user clicks the link, not just when the message is delivered.
  2. Safe Attachments – Safe Attachments, like Safe Links, opens any attachment received via email in a virtual environment and monitors what happens next. The Safe Attachments policy will protect your users from malware delivered via phishing emails, such as the recent COVID-19 phishing campaign, which installed a malicious remote access tool via an Excel file with macros.
  3. Anti-phishing Intelligence – This tool learns how everyone in the company interacts (and with whom) so that when an unnatural or unusual series of communications starts, the system can reliably determine which of those accounts is under attack.
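The three controls above are created and scoped with the Exchange Online PowerShell module. The following is an added example, not code from the original post or from Microsoft: the policy names, the domain contoso.example, the secops mailbox and the protected user are placeholders, and the cmdlet parameters are those of the ExchangeOnlineManagement module as I know them, so check them against the current cmdlet reference for your tenant before running.

```powershell
# Added example: build the Safe Links, Safe Attachments and anti-phishing policies
# the article describes. All names and addresses are placeholders (assumptions).
Connect-ExchangeOnline

$Domain = "contoso.example"   # placeholder tenant domain

# 1. Safe Links: rewrite and re-check URLs at click time, no click-through to bad sites.
New-SafeLinksPolicy -Name "Contoso Safe Links" `
    -EnableSafeLinksForEmail $true `
    -ScanUrls $true `
    -DeliverMessageAfterScan $true `
    -EnableForInternalSenders $true `
    -TrackClicks $true `
    -AllowClickThrough $false
New-SafeLinksRule -Name "Contoso Safe Links rule" `
    -SafeLinksPolicy "Contoso Safe Links" `
    -RecipientDomainIs $Domain

# 2. Safe Attachments: detonate attachments in a sandbox; block and forward on detection.
New-SafeAttachmentPolicy -Name "Contoso Safe Attachments" `
    -Enable $true `
    -Action Block `
    -Redirect $true `
    -RedirectAddress "secops@$Domain"
New-SafeAttachmentRule -Name "Contoso Safe Attachments rule" `
    -SafeAttachmentPolicy "Contoso Safe Attachments" `
    -RecipientDomainIs $Domain

# 3. Anti-phishing: mailbox intelligence (learns normal sender patterns) plus
#    impersonation protection for named executives and the organisation's own domains.
New-AntiPhishPolicy -Name "Contoso Anti-Phish" `
    -EnableMailboxIntelligence $true `
    -EnableMailboxIntelligenceProtection $true `
    -MailboxIntelligenceProtectionAction Quarantine `
    -EnableTargetedUserProtection $true `
    -TargetedUsersToProtect "Chief Executive;ceo@$Domain" `
    -TargetedUserProtectionAction Quarantine `
    -EnableOrganizationDomainsProtection $true `
    -TargetedDomainProtectionAction Quarantine
New-AntiPhishRule -Name "Contoso Anti-Phish rule" `
    -AntiPhishPolicy "Contoso Anti-Phish" `
    -RecipientDomainIs $Domain

# Confirm what is now in force before closing the session.
Get-SafeLinksPolicy      | Format-Table Name, EnableSafeLinksForEmail, TrackClicks, AllowClickThrough
Get-SafeAttachmentPolicy | Format-Table Name, Enable, Action, Redirect
Get-AntiPhishPolicy      | Format-Table Name, EnableMailboxIntelligenceProtection, EnableTargetedUserProtection
Disconnect-ExchangeOnline -Confirm:$false
```

Each policy only takes effect through its rule, so a policy without a matching rule scoped to your recipients protects nobody; the Get- cmdlets at the end are the quickest way to catch that gap.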

Of course, when it comes to preventing phishing attacks and other cyber threats, Office 365 Advanced Threat Protection isn’t the be-all and end-all. It’s important to not only raise users’ awareness of phishing attacks but also supplement Office 365 with purpose-built security settings and policies to stay safe. People and technology, when combined, create the ultimate barrier.

So get in contact with us right away if you need help setting up any of these policies. We will be pleased to assist you. In Microsoft 365, we can also facilitate the cleanup after a successful phishing attack. You can reach out to us right now at Phone Experts. 
