Phishing attacks continue to be the top security threat for businesses of all sizes. With the growing complexity, it's difficult for even a trained eye to identify some of these sophisticated attacks.
Popular SaaS tools, like Office 365, have become an attractive target for targeted phishing attacks. Attackers are crafting emails that appear to be coming from Microsoft, or other vendors regularly communicated with, containing urgent requests with the objective to capture a user’s credentials. Updating billing information, pass due invoice, missed voicemail and password update requests are all common scenarios used in phishing attacks.
One of the Office 365 security add ons iV4 recommends to protect against phishing attacks, is called Microsoft Office 365 Advanced Threat Protection (ATP). Office 365 Advanced Threat Protection can help protect your organization from malicious impersonation-based phishing attacks and other phishing attacks.
Microsoft Office 365 Advanced Threat Protection (ATP) is a cloud-based email filtering service that helps protect your organization against unknown malware and viruses by providing robust zero-day protection, and includes features to safeguard your organization from harmful links in real time. ATP has rich reporting and URL trace capabilities that give administrators insight into the kind of attacks happening in your organization.
Office 365 Advanced Threat Protection is $2 user/month and included in Office 365 E5. Plans and pricing information.
Office 365 Advanced Threat Protection is an Office 365 phishing protection tool that combats cyber criminals in three ways:
1. Safe links
Safe links double-checks every link contained in an email at the time you click on it to see if you’re about to be sent somewhere dangerous.
Any security software will scan the links in your emails to see if they’ll redirect to a malicious site – but a particularly clever phishing attack will send an email that contains harmless links but then, after that message hits your inbox, it will detect that it passed your filters and change those links to something malicious.
Office 365 ATP safe links protection remains in place every time they click the link, as malicious links are dynamically blocked while good links can be accessed.
2. Safe attachments
Like safe links, safe attachments open every email attachment that is received via email in a virtual environment and watches what happens next.
All messages and attachments that don’t have a known virus/malware signature are routed to a special hypervisor environment, where a behavior analysis is performed using a variety of machine learning and analysis techniques to detect malicious intent. If the attachment is determined to be malicious, that file will never reach your inbox. If no suspicious activity is detected, the message is released for delivery to the mailbox.
3. Anti-phishing intelligence
This tool learns the way everyone in your organization communicates (and who they communicate with) so that when an unnatural or unusual string of communications begins, the system can accurately gauge that one of those accounts is being controlled by an attacker.
Of course, Office 365 Advanced Threat Protection is not the end all be all when it comes to stopping phishing attacks and other cyber threats.
Not only is it essential to educate your users about the dangers and warning signs of phishing attacks with Security Awareness Training, it is also critical to implement additional Office 365 security settings and rules.
Office 365 Advanced Threat Protection is included in Office 365 Enterprise E5, Office 365 Education A5, Microsoft 365 Business can be added to the following plans.