unsafe email attacks

For Microsoft Office 365 Exchange Online Protection team, none of the months is ordinary. In our struggle against spams and harmful software, we process 200 billion e-mails every month and every minute we block e-mails include 10 million spams. In our struggle against malevolent threats, we don’t just be content with these.

E-mail attacks are becoming smarter and more complicated all around the world. Therefore, we make big investments on Exchange Online Protection and Advanced Threat Protection services to proactively recognize and block the most dangerous e-mail attacks:

  1. Fixed protection features with parody or general attached-type detection against the size of the attack.
    2. Visible protection with security clues to block the last user’s interaction with detected malevolent e-mails.
  2. Rich learning features for users like Reporting Phishing and Advanced Threat Protection.

New features that come with Exchange Online Protection and Advanced Threat Protection

It needs a lot of attention to protect e-mail communication without affecting the productivity of the last user. Therefore, in Exchange Online Protection and Advanced Threat Protection, we presented new features like security solutions and reporting that protects you against unknown threats and viruses that may come via e-mail attachments and URL.

Safe Attachments

Last June, in order to protect you against unknown threats by catching viruses in e-mail attachments, we released Advanced Threat Protection for Safe Attachments. After an e-mail with a suspicious attachment passes standard Office 365 protection process with triple antivirus engines and multiple spam filters, it enters Safe Attachment environment and passes from a quick analysis to be secured here. In this process, while on the one hand sending the suspicious attachment to Safe Attachment scanning, on the other hand we cleared off the delays sending the text of the e-mail with a placeholder attachment to the receiver. Receivers get a notification stating that the e-mail is being examined and in the meantime they can read the text and reply. If the real attachment is safe, it is replaced with the placeholder attachment, and if it is not safe, the receiver can filter unwanted and harmful attachments.

7/24 Automatic Security

In case that an unread e-mail is categorized as malevolent or spam by mistake, 7/24 Automatic Safety feature is authorized to change that decision. For example, if a message is sent to your inbox and later identified as a spam, 7/24 Automatic Safety feature moves this e-mail from inbox to spam folder; it does the same thing with the e-mails categorized as spam by mistake and moves them to inbox. This feature will be activated for all Exchange Online Protection users by the first quarter of 2016. 7/24 Automatic Safety feature, since the user can be deactivated in the center by his will, the managers will have complete control over the use of this feature.

Outlook Security Clues on the Web

This Exchange Online Protection feature gives proactive and easy to use safety clues to help you decide whether to open an e-mail or not. For example:

1. If the e-mail is sent by a trusted sender, you will get a notification saying that the message is safe.
2. If you receive an e-mail with suspicious or fake content, you will get a notification saying that the message is from an untrusted source.

The idea that Outlook Safety Clues on the web depends on is to notify the user that the e-mail is not safe by adding a red template on a suspicious or fake e-mail and increase the awareness of the user. This inserted visual sign gives a warning to protect you from a potential tricky request or a suspicious action. Outlook Safety Clues on the Web will be presented to the Exchange Online Protection customers in the first quarter of this year.

Protection Against Information Leakage from the Inside 

Another growing area for the “Forgers” is named as “information leakage from the inside” or “peer forgery” and this way they imitate executives of companies and enter the company’s e-mail area. The e-mail looks intercorporate and makes it difficult to identify it as malevolent by existing filters. Fortunately, installed artificial intelligence features benefit from big data, strong authentication controls and Exchange Online Protection with its filters made phishing detection 500 percent stronger.

Reporting Phishing

This new feature lets the Outlook users on the web to report phishing e-mails to Microsoft by clicking “Redundant” and choose “Phishing”. “Report as phishing” dialog pops up and it contains “get more information about this subject” link. This link also gives you the option to send a copy of this report to Microsoft with “Report” or “Ignore” buttons; sending this you will help research and development technologies about e-mail safety. We hope this feature helps you identify phishing e-mails and suspicious reports better.