Considering the extent to which many businesses rely on email, it is not surprising that the growing number of phishing and spoofing emails making it into people’s inboxes has become more of a problem than a nuisance.
Considering Microsoft is one of the largest email providers for commercial users, with over 120 million business users subscribing to Office 365, Microsoft saw an opportunity to provide an additional service to its customer base by enhancing email screening for its Office 365 users.
Here is a quick overview of what users need to know about this latest update.
The Phishing Dilemma
In a recent blog post, Microsoft explained that phishing scammers who try to obtain sensitive information through email falsification has become a rampant problem.
They claim that businesses are particularly vulnerable to these types of attacks as only 9% of companies in the Fortune 500 have strong email authentication policies, which can leave the majority of businesses vulnerable to having their sensitive information hacked by phishers.
Unless a company’s email filter is able to detect scam email, phishing emails will be delivered to the end user potentially deceiving them.
Considering the severity of the threat that phishing attacks can pose to commercial users of Office 365, Microsoft decided that it was time to improve Office 365’s email authentication as they determined that the risk of allowing dangerous emails through was greater than the risk of potentially losing legitimate emails to spam filters.
Previously, this anti-spoofing technology was only available to those organizations that had an Office 365 Enterprise E5 subscription or to those who had purchased an Advanced Threat Protection (ATP) add-on for their Office 365 subscription.
However, as of October 2018, Microsoft has extended this protection to a wider range of Office 365 subscribers who can now benefit from more secure email screenings.
Contact us to learn more about this change to Office 365 as well as to find out about additional steps your business can take to protect itself from phishing attacks.