(October 20, 2022) Email security is a critical component of a defense-in-depth strategy. Microsoft’s built-in security is highly effective but can’t always detect and block today’s sophisticated attacks. A recent phishing attack used a phony Zoom notification to try to capture the Microsoft credentials of more than 21,000 users at a national healthcare company. The email displayed the Zoom name and logo and included the user’s name. It encouraged the user to click a button to view two Zoom messages awaiting the user’s response.
However, the button took users to a phony landing page where they were told to verify their identity by entering their Microsoft credentials. The username field was prepopulated with the victim’s email address, lending greater credibility. Because the email was sent from a valid domain, it eluded Microsoft security. Luckily, the healthcare company had additional email security controls that were able to stop the attack.
That’s why multilayered email security is a critical component of a defense-in-depth strategy. Microsoft’s built-in security is highly effective but can’t always detect and block today’s sophisticated attacks.
Supplementing Microsoft’s Protections
According to Statista, more than a million organizations worldwide use Microsoft 365 as of June 2022, with almost 890,000 of those in the U.S. Eighty percent of Fortune 500 companies use Microsoft’s cloud-based email, collaboration, and productivity software platform. Cybercriminals have a vested interest in defeating Microsoft’s antispam controls.
In light of that, organizations can benefit from a secure email gateway that focuses specifically on detecting spam. Industry-leading leading tools can block 99.9 percent of spam, greatly reducing the risk that a phishing email will make it to users’ inboxes.
However, more than 120 billion spam emails are sent daily. The odds are high that some spam emails will elude the best filters. That’s why post-delivery protection is also important. Continuous monitoring tools examine emails that make it past frontline defenses, and scan links and attachments for threats. Sophisticated analytics engines leverage threat detection, while DMARC authentication protects against domain name spoofing.
AI and User Awareness
Today’s best-in-class tools also incorporate artificial intelligence (AI) to provide real-time protection against phishing and other email-borne attacks. These tools “learn” what an organization’s legitimate communications look like, enabling them to spot anomalies that could point to an attack. They examine multiple factors in real-time to detect emails that impersonate users and spoof URLs, automatically quarantining suspicious messages and alerting administrators of the threat.
Of course, no tool is foolproof, and it only takes one user clicking on a malicious link or divulging sensitive information to cause a costly security breach. A human firewall is the last line of defense against email attacks.
Users should be educated on how to scrutinize emails before acting on or responding to them. They should look for suspicious errors or inconsistencies, check the sender’s name and email, and hover over links to see the actual URL. Following password best practices can also help prevent account takeover attacks.
How an MSP Can Help
Comprehensive email security can be complex, particularly for small to midsize businesses with limited in-house IT resources. Qualified managed services providers (MSPs) include email security in their offerings. An MSP can help an organization select and implement the right tools and provide ongoing monitoring and management to ensure that email security is working effectively as threats evolve.
More than 90 percent of cyberattacks begin with an email, and the vast majority of organizations have suffered one or more successful security breaches that began as an email attack. In a recent survey by Osterman Research, 89 percent of respondents said they had fallen victim to such an attack in the preceding 12 months.
Phishing attacks often trick victims into divulging account credentials and other sensitive information. Attackers also use email to distribute ransomware and other threats. A multilayered email security strategy goes beyond basic perimeter protections to reduce the risk of a successful attack.
ABOUT MAINSTREAM TECHNOLOGIES
Mainstream Technologies delivers a full range of technology services in Arkansas and the surrounding region including managed technology States services and consulting custom software development and cybersecurity services. We also offer industry-leading data center services in our Little Rock facilities. Established in 1996, Mainstream has earned a reputation for delivering quality, reliable, and professional technology services for public and private-sector customers across the United States.
Jeff Pracht
IT Business Development Manager
(479) 715-8629 Office
(501) 529-0008 Mobile
