26.3.2020 • Tietoturva
Protect your users from phishing when working from home with Microsoft 365
”Hard times arouse an instinctive desire for authenticity”, said Coco Chanel once. Unfortunately, tragedies like COVID-19 are always exploited by malicious actors. As Microsoft recently shared, themed phishing attacks are on the rise. Microsoft 365 organizations need to ensure authenticity of their e-mails.
Protecting the users from phishing still relies on two main topics: anti-spoofing and anti-phishing. When preventing spoofing, we need to make sure that forged sender address cannot be used. The current framework for this is DMARC, which encapsulates SPF and DKIM checks together with from field verification. This needs to be combined with Anti-Phishing Policies in your Microsoft 365 tenant.
The best part of DMARC is in my opinion the aggregate reporting functionality. With our customers we use DMARCIAN for aggregate reporting of e-mail authentication, to identify legitimate unprotected sending systems and get visibility for spoofing attempts. Whether you are currently using DMARC or not, implicit DMARC checks are in any case done for your e-mails by major vendors such as Microsoft and Google, so better take control of it straight away.
For phishing, the main prevention technology is Office 365 Advance Threat Protection. This gives you real-time tools to prevent users from accessing phishing site links, investigate phishing campaigns and clean up the damage. In multi-layer defense strategy, deploying Azure AD Conditional Access with multi-factor authentication and legacy authentication block is essential for mitigating the results of successful phishing.
The last line of defense is always the end-users. They need constant security awareness to be able to distinguish fraud attempts, and to have the courage to contact support in case of any doubt about authenticity of e-mails. Just like Coco!
Watch the webinar!
Want to know more how to Protect your users from phishing? See a recording from our webinar!
Arttu Arstila
Consulting & Training
Arttu on Sulavan Lead Microsoft 365 Architect. Hän keskittyy Microsoftin pilviteknologioiden konsultointiin projektien eri vaiheissa esiselvityksistä ja tiekartoista käyttöönottoihin ja tukeen. Artun erikoisosaaminen on tietoturvassa ja identiteettien hallinnassa.