Phishing Protection In Outlook and Office 365

There are four ways that a typical business user on a Microsoft Outlook/Exchange/Office 365 platform can utilize.  While these may not be perfect, and all of them have issues, applying these solutions will help prevent your users for falling victim to phishing emails.  These solutions are additive, and each additional solution deployed provides a further layer of protection.

Junk Mail Filter – Outlook comes with a built-in Junk Mail filter that, while not perfect, is actually pretty good at detecting spam and phishing exploits.

Exchange – The Outlook Junk Mail functionality can be improved by implementing junk mail rules on the Exchange server using Cached Exchange Mode or PST files on the server to push the rules to the clients.

Disable Hyperlinks – Using Group Policy, you could disable hyperlinks in emails completely.  This will not be popular with your user base, and will require them to copy and paste links into a browser.  While this will take the heart out of most link-based phishing exploits, and will kill legitimate links as well as malicious links.  This does nothing against phishing emails with email attachments,

Advanced Threat Protection in O365 – ATP safe links are cloud-based version of Outlook’s junk mail filter, and rules can be applied at the individual, group, or organizational level.  When ATP is applied, incoming emails (when they contain hyperlinks) are run through a series of filters that analyze the message header.   These filters look at IP and envelope filters, and run the message through signature-based anti-malware scans, and anti-spam filters. If found to be safe the message is sent on to the recipient.

Phishing Detection and Resistance Training – It is also a good idea to provide some training on how to determine whether an email is a phishing email or not.  There are many organizations you could choose from to provide the training.  Professionally, phishing awareness and cybersecurity awareness training is about 35% of my month.  Most of the employees I have trained enjoyed the experience, and walked away with useful tools to use at work and in their personal life.

These techniques, for the most part, are low cost and easy to implement.  Used together, they will stop most of your problems with phishing.


About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Owner of the WyzCo Group Inc. In addition to consulting on security products and services, Bob also conducts security audits, compliance audits, vulnerability assessments and penetration tests. Bob also teaches Cybersecurity Awareness Training classes. Bob works as an instruction for CompTIA’s non-profit IT-Ready Program in the Twin Cities. IT-Ready is a tuition free 8-week program designed to teach students of all ages the fundamentals of IT support to prepare them for an entry level position in Information Technology Support. Graduates of the classes take the exams to become CompTIA A+ certified. Bob is a frequent speaker at conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. Bob has been blogging on cybersecurity since 2006 at

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.