We often allude to the benefits of having an integrated threat protection stack in Office 365. Today we wanted to take the opportunity to walk you through how the combined features and services in the Office 365 threat management stack help your organization protect, detect, and respond to a potential phishing attack. Phishing is the term for socially engineered attacks designed to harvest credentials or personally identifiable information (PII). Attackers use a variety of strategies to make the recipient believe the email is coming from a legitimate source. Phish emails often convey a sense of urgency to the recipient to take an action described in the email. We see phishing emails come in a variety of forms including:
1. Spoofing: where the sending domain matches a legitimate business.
2. Impersonation: of users, domain, and brands (where emails are crafted to look like they are coming from specific users, domains and brands).
3. Content Based Attacks: emails contain malicious links or attachments.
End To End Security Focus
The Office 365 threat protection stack combines a rich set of features designed to prevent phishing attacks, as well as capabilities offered to security teams that more effectively and efficiently enable detection and response to phishing attacks. Our services help:
Protect set up and configure Office 365s security services to keep end users secure.
Detect determine if a threat has entered the tenant and who or what was impacted.
Respond remediate a threat or attack to return your tenant to a safe, no threat state
Reference:
https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/how-office-365-protects-your-organization-from-modern-phishing-campaigns/
