Phishing Protection In Outlook and Office 365

There are four ways that a typical business user on a Microsoft Outlook/Exchange/Office 365 platform can utilize.  While these may not be perfect, and all of them have issues, applying these solutions will help prevent your users for falling victim to phishing emails.  These solutions are additive, and each additional solution deployed provides a further layer of protection.

Junk Mail Filter – Outlook comes with a built-in Junk Mail filter that, while not perfect, is actually pretty good at detecting spam and phishing exploits.

Exchange – The Outlook Junk Mail functionality can be improved by implementing junk mail rules on the Exchange server using Cached Exchange Mode or PST files on the server to push the rules to the clients.

Disable Hyperlinks – Using Group Policy, you could disable hyperlinks in emails completely.  This will not be popular with your user base, and will require them to copy and paste links into a browser.  While this will take the heart out of most link-based phishing exploits, and will kill legitimate links as well as malicious links.  This does nothing against phishing emails with email attachments,

Advanced Threat Protection in O365 – ATP safe links are cloud-based version of Outlook’s junk mail filter, and rules can be applied at the individual, group, or organizational level.  When ATP is applied, incoming emails (when they contain hyperlinks) are run through a series of filters that analyze the message header.   These filters look at IP and envelope filters, and run the message through signature-based anti-malware scans, and anti-spam filters. If found to be safe the message is sent on to the recipient.

Phishing Detection and Resistance Training – It is also a good idea to provide some training on how to determine whether an email is a phishing email or not.  There are many organizations you could choose from to provide the training.  Professionally, phishing awareness and cybersecurity awareness training is about 35% of my month.  Most of the employees I have trained enjoyed the experience, and walked away with useful tools to use at work and in their personal life.

These techniques, for the most part, are low cost and easy to implement.  Used together, they will stop most of your problems with phishing.


About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.