Winning the Office 365 Email Phishing Wars
By: Jane Wasson
For users of Office 365 email, it may seem as if the ingenuity of hackers knows no bounds. With its long list of benefits and capabilities, Office 365 is a strategic provider and extraordinarily popular, but it struggles to prevent email phishing — putting users at constant risk of cyber threats. The existing spam filter in Office 365 is excellent baseline functionality when it comes to detecting and quarantining high volume, spam/bulk email. But it’s not architected to hunt down the craftily configured, low volume, targeted phish that slip undetected into user inboxes.
Unfortunately, even users who purchase Office 365’s Advanced Threat Protection (ATP) add-on continue to get phished. The resourcefulness and shape-shifting skills of hackers outpace all but the most dedicated solutions. For example, threat actors can establish valid Office 365 accounts, or compromise and gain access to victim accounts, and easily launch campaigns from Microsoft’s own reputable infrastructure that evade Office 365 defenses. This is why Gartner recommends protecting against phishing attacks by means of a specific, technology-based anti-phishing service such as Area 1 Security.
To underscore the need for this support, fraudsters recently figured out how to frustrate Office 365’s Safe Links security feature and enable redirection of victims to a phishing site.
This threat and countless others under construction prove that closing the phishing gap in Office 365 demands a deep understanding of the nature of phishing itself — combined with the ability to integrate into, and reinforce Office 365’s protections.
Close the Phishing Gap
Area 1 Security deploys and integrates in minutes with Office 365 to seal its protection profile with a preemptive, comprehensive, and accountable defense from socially engineered phish. The anti-phishing capabilities of Area 1 Security fit tightly with the email security features included in Office 365, including anti-spam, DLP, encryption, and archive to provide total, seamless email security against phishing attacks.
How Area 1 Security Fits the Needs of Office 365 Email
Innovative technology is what makes Area 1 so effective against hackers. Area 1 Security anti-phishing solution continuously crawls the web with advanced technology that tracks threat actor activity and uses proprietary, small pattern analytics to reveal new phishing sites, malware payloads and campaigns before those attacks go active — on average identifying malicious sites and malware 24 days before industry benchmarks. This gives organizations an average 24-day advantage over other defenses and helps stop the low volume, targeted phish that Office 365 defenses miss.
Besides its quick on-boarding, Area 1 Security’s Horizon™ anti-phishing service is easily configurable in multiple ways to fit a specific email environment. The service adds a critical layer of protection to Office 365 deployments. While Office 365 can detect and quarantine high-volume spam and known email threats, only Area 1’s preemptive approach detects and helps block the low and slow targeted phishing attacks that Office 365 protections miss.
Real World Deployments; Real World Results
Several of Area 1’s customers deploy our anti-phishing service to catch the phish that Office 365 with ATP misses. Here are some recent examples of phishing emails that bypassed Office 365 with ATP and were caught by Area1:
In the first case, a customer received an email with a link to open their account statement from Wells Fargo. The email looks authentic, but the link in the email leads to a fake Wells Fargo login page that allows the threat actor to harvest the victim’s credentials and gain access to the victim’s account. The Area 1 Horizon service uses innovative analysis techniques, in this case, a technique that recognizes when links and sending domains not associated with common brands are present in an email. As a result, the service detected this phishing email and blocked it, before it reached the intended victim’s inbox.
In another recent case, a customer received an email notification regarding a missed package delivery. The email included a link to a document with information regarding the package. Using proprietary ML file analysis, the Area 1 Horizon service analyzed the linked document, detected malicious VB script in the document and prevented the phishing email from being delivered to the recipient and downloading malware to the recipients computer.
Why Area 1 Security is Vital to Reinforcing Office 365
As Office 365 expands and grows ever more a part of business and personal life, more and more threats can be expected to emerge. The massive size and comparative ease for phishing criminals to compromise Office 365 demands that security be beefed up with a specialist phish-hunter like Area 1 Security.
With the plague of email fraud and threats certain to continue growing, an easily deployed anti-phishing technology like Area 1 Security can prevent the runaway hacking epidemics that everybody fears.
