Phishing Attacks

Learn how Microsoft Security Helps Mitigate Threats from Phishing Attacks

What are phishing attacks?

 

If you own an email address, be it for from your organization or personal email, you may at one point experience email phishing. Phishing attacks are scams that often use social engineering bait or lure content. Legitimate-looking communications, usually email, that link to a phishing site, is one of the most common methods used in phishing attacks. The phishing site typically mimics sign-in pages that require users to input login credentials and account information. The phishing site then captures the sensitive information as soon as the user provides it, giving attackers access to the information.

Another common phishing technique is the use of emails that direct you to open a malicious attachment—for example, a PDF file. The attachment often contains a message asking you to provide login credentials to another site such as email or file sharing websites to open the document. When you access these phishing sites using your login credentials, the attacker now has access to your information and can gain additional personal information about you which can lead to further attacks.

Today, cybercriminals are also using smishing. Smishing is SMS phishing, where attackers try to lure victims into revealing account information or installing malware through text messages. The effects is similar to phishing–an attempt to steal critical information or gain access to your credit card or financial records.

How do you protect your organizations against phishing attacks?

  • Microsoft Defender for Office 365

    Microsoft Defender for Office 365 is a cloud-based email filtering service that helps protect your organization against unknown malware and viruses by providing robust zero-day protection, and includes features to safeguard your organization from harmful links in real time. Defender for Office 365 has rich reporting and URL trace capabilities that give administrators insight into the kind of attacks happening in your organization.

    The following are the primary ways you can use Defender for Office 365 for message protection:

    • In a Defender for Office 365 filtering-only scenario, Defender for Office 365 provides cloud-based email protection for your on-premises Exchange Server environment or any other on-premises SMTP email solution.
    • Defender for Office 365 can be enabled to protect Exchange Online cloud-hosted mailboxes. To learn more about Exchange Online, see the Exchange Online service description.
    • In a hybrid deployment, Defender for Office 365 can be configured to protect your messaging environment and control mail routing when you have a mix of on-premises and cloud mailboxes with Exchange Online Protection for inbound email filtering.

    To protect your organization against phishing, Microsoft recommends the following:

    • Implement Office 365 Advanced Threat Protection anti-phishing policies to protect against impersonation-based phishing attacks.
    • Implement Office 365 Advanced Threat Protection with Safe Attachment and Safe Links policies to mitigate against unknown malware threats.
    • Raise user awareness about email-based threats by using Attack Simulator and end-user security awareness training.
  • Exchange Online Protection

    Exchange Online Protection (EOP) is the cloud-based filtering service that helps protect your organization against spam and malware. EOP is included in all Microsoft 365 organizations with Exchange Online mailboxes. However, EOP is also available in the following on-premises scenarios:

    • In a standalone scenario: EOP provides cloud-based email protection for your on-premises Exchange organization or for any other on-premises SMTP email solution.
    • In a hybrid deployment: EOP can be configured to protect your email environment and control mail routing when you have a mix of on-premises and cloud mailboxes.

    For exchange online protection, Microsoft recommends the following:

    • Verify and recommend Exchange Online Protection policies to mitigate against known malware threats.
    • Configure the SPF, DKIM and DMARC records in DNS for all email domains in Office 365 to authenticate mail senders and ensure that email systems trust messages sent from your domain.
  • Microsoft Security and Compliance Center Alerts

    Microsoft Security and Compliance Center allows you to enable alert policies related to suspicious email activities. This way you can take immediate action to mitigate the threats posed by phishing, and protect your critical and sensitive data.

     

How we can help you mitigate threats from phishing attacks

We are seeing small and midsize businesses become the target of cybercriminals with COVID-19-related scams and phishing emails. Each business must figure out how best to deploy new devices remotely, while securing confidential employee, business and customer data.

The US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) provides mitigation guidance for businesses regarding securing enterprise virtual private networks, remote access and bring your own device (BYOD) security as your business adapts to new ways of working.

With 50% of small businesses having experienced an attack within the past year, you will need to be more vigilant with securing your devices, applications and critical data.

Do you need to find out if you need advanced security within your organization? Learn more about our Cyber Security Vulnerability Assessment for Windows Environments by registering for our free informational webinar.

We work with organizations to strengthen their security posture and protect their organization against cybersecurity threats, including leaked credentials, malware detection and more with threat protection tools from Microsoft productivity applications and cloud services. We also provide one-time security assessments to assess your organization’s vulnerabilities based on data from your infrastructure. Visit our CSAT page to learn more.

For immediate assistance, email us at security@danquahgroup.com