Written by

Arut Selvan





Microsoft battles phishing with its Advanced Security Platform

Microsoft handles a whopping 450 billion emails every month. Can you guess how many of them are malicious, spam, or malware emails? I am not going to give you the exact figures, but this stat lets you come to a rough estimate yourself: every minute, the Microsoft Cybersecurity Center blocks 10 million such emails! The Microsoft Security Platform is already working hard. You probably now have an idea of how many spam emails are sent and how complex it is to sort them out.

Office 365 Security Features

Microsoft has some noteworthy security tools as part of its Security Platform to get this job done. Exchange Online Protection (EOP) and Office 365 Advanced Threat Protection (Office 365 ATP) help defend against cyber threats and secure both your intellectual and sensitive data. These are available in Office 365, Windows Defender ATP, Windows 10, Azure Security Center, etc.

All these security services employ machine learning algorithms. They collect signals from within emails and attachments, and they constantly look out for patterns and anomalies, which helps them detect malicious emails, spam, or malware.

Before going into detail about how Microsoft handles phishing, let us look at what phishing actually is. Wikipedia defines phishing as:

“an attempt to obtain sensitive information such as usernames, passwords, and credit card details (and, indirectly, money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.”

Phishing is evolving at the same pace as the security measures taken against it, and tackling it completely is becoming a big challenge. Further, the life cycle of phishing attacks is getting shorter (meaning the attacks are becoming smarter), which makes it harder for anti-phishing technologies to keep pace.

Commonly known phishing types

Though we can’t mention every single phishing technique that exists, we can discuss the most common ones.

Credential Theft - To get inside information, an attacker obtains a person’s username and password—for example, credentials that an employee uses to access company resources.

Identity Theft - With the credentials and information, an attacker impersonates a user or company.

Personal Information Theft - An attacker goes after personal account details, passwords, credit card numbers, or other sensitive information (cyberespionage).

Encrypt Files for Ransom - The attacker gains access to your files, encrypts them, and asks for a ransom (ransomware).

Doesn’t this sound familiar?

You might have already received a lot of phishing emails and either trashed them or marked them as spam in your inbox. Check whether any of these scenarios seem familiar to you. (Most likely you have received such emails frequently.)

  1. You get an email that seems to be from a legitimate online business. A link in that email redirects to a malicious website (often mimicking branded websites).
  2. You receive an email with an attachment; if you open it, malware is downloaded to your computer and the sender gains access to your network.

Microsoft Security Platform - EOP protection against phishing

EOP is integrated with Office 365 ATP. Its capabilities include inbound and outbound email filtering, zero-hour auto purge, filtering for common malicious attachment types, phishing reporting, protection against insider spoofing, etc.

Microsoft Security Platform - Office 365 ATP security against phishing

Office 365 ATP is available as part of Office 365 Enterprise E5 and as a standalone component. It addresses ever-evolving phishing attacks with features such as Safe Attachments, Safe Links, URL detonation, reporting and tracing, Office 365 ATP enhanced reporting, etc.

The infographic below shows how these technologies help defend against threats and malware in a phishing campaign that targets an organization. The top of the figure shows the threats, and the bottom shows the technology capabilities.

[Image: Office 365 security infographic. Image courtesy: Microsoft]
Figure 1. Office 365, Windows Defender ATP, Azure Security Center and other technologies combat phishing attacks

With more and more intelligent phishing attacks happening, security experts worldwide keep raising their security capabilities. Microsoft is doing the same by advancing the security features of Windows Defender and Office 365.

Though no single solution can stop all phishing threats, the services discussed above, as part of the broader Microsoft Security Platform, can safeguard us from these threats. Anti-phishing algorithms, machine learning, clustering, and pattern/anomaly detection further strengthen our security framework for quick detection, enhanced prevention, and targeted response.

Written by Arut Selvan

A technology enthusiast keen on learning and exploring new Microsoft technologies, predominantly working on Microsoft 365, SharePoint and Azure. Currently working with "Hubfly - A unified digital workplace" as a Product Engineer, Arut brings new flavors of technology to the product. He ensures we are always on the edge in our technology stack. He brings innovation to the product with his out-of-the-box thinking. He is also a Microsoft certified professional.