That’s the sign cybercriminals are posting as they bait and hook unsuspecting Microsoft 365 users. Using “look-a-like” and “looks-legit” emails as bait, these 'phishers' hope to catch usernames and passwords that could be used to steal or extort money from corporations and their customers around the world.
The FBI reported that phishing incidents increased by almost 50% last year, up from 114,702 attacks in 2019 to 241,324 in 2020. These phishing schemes can be very costly for businesses without proper protections in place. Recent news reports about companies paying millions of dollars to retrieve stolen data or gain access back into their operating systems should concern companies of all sizes.
Luckily for organizations using Microsoft 365, Azure Active Directory (Azure AD) provides integrated security tools to help mitigate these types of attacks.
A phishing email will always contain a link that takes the unsuspecting user to a legitimate looking sign-in page. The user believes this is the real Microsoft login page because it’s made to look identical. However, once they enter their username and password, the hackers have stolen that information and now have access to all the user’s data, including their contact list. Next, the hackers pose as one of those trusted contacts in order to gain even more confidential information.
Azure Active Directory and its built-in Identity Protection detects suspicious phishing and sign-in attempts using the following alerts:
Azure AD Threat Intelligence Detection – any unusual sign-in activity against a pre-determined behavioral analysis
There are other safeguards that Active Directory’s Identity Protection provides in addition to these, including leaked credentials and other types of user risk. A full list can be found here. And in March of this year, Microsoft announced its “Zero Trust” security model, which seeks to provide additional online security and protection by using the internet as the default network with a strong identity, device health enforcement, and least privilege access.
When enterprise data is compromised, it can take months to find out — and even longer to track down the cause. For an even stronger layer of protection against phishing attacks and other cybercrimes, check out CoreSuite, CoreView’s SaaS management platform for Microsoft 365. Better yet why not take our free Microsoft 365 Health Check right now?