Over the last few months we have seen an increase in the number of phishing emails received by our customers, especially ones designed to steal Office 365 login credentials. These credential-stealing attempts are getting more audacious and sophisticated, but luckily there are a couple of steps you can take to stop them in their tracks!
You may have heard of Multi-Factor Authentication (MFA) under a different name, possibly Two-Factor Authentication (2FA). The principle is that in order to log in to a service you need something you know (your password; the username only says who you are) and something you have, usually a six-digit code that changes every 30 seconds, generated by an authenticator app on your phone or sent to you by SMS, or a sign-in request that you approve in the app.
If you can't prove you are you by entering the security code or approving the sign-in request on your mobile, you aren't getting in! So even if a member of staff has been tricked by a phishing email into entering their Office 365 credentials on a dodgy website, the attacker can't log in as them afterwards because they can't produce the code. The stolen password on its own is worthless! Two caveats are worth knowing. SMS is the weakest second factor (codes can be diverted by SIM swapping or read by malware on the phone), so prefer the app or a hardware security key. And a phishing site that relays the victim's code to the real login page within seconds can still get in, so staff should treat an unexpected approval prompt as a sign that someone has their password, not as something to tap away.
Locking things down further with Conditional Access
The authentication back end for Office 365 is Azure Active Directory, which just happens to have a very useful feature called Conditional Access.
Conditional Access allows you to specify rules that permit or deny a sign-in depending on whether certain criteria are met. For example, you could specify that only Windows users on a device marked compliant by Intune, signing in from the United Kingdom, can log into Exchange Online.
If someone gets hold of your credentials and tries to log into your email from a MacBook in France, their login attempt will be blocked, and the failed sign-in appears in the Azure AD sign-in logs together with the policy that blocked it. That is an early warning that the password has leaked and needs changing.
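As an added illustration (example code, not from the original post or from Microsoft), the three policies below express "only Windows users with a compliant device in the United Kingdom may use Exchange Online" in the JSON shape that Microsoft Graph accepts for Conditional Access policies and named locations, and then run a small local "what if" evaluator over constructed sign-ins so the MacBook-in-France attempt can be seen rejected before anything is enforced. The Exchange Online application id is the well-known Office 365 one; the GUIDs for the break-glass group and the named location are placeholders; and the evaluator is a simplified model of how Azure AD combines policies, not its real code.

```python
from typing import Dict, List, Optional

# Constructed identifiers. The Exchange Online id is the well-known Office 365 app id; the other two stand
# in for the GUIDs Azure AD would assign to a group and a named location in a real tenant.
EXCHANGE_ONLINE = "00000002-0000-0ff1-ce00-000000000000"
BREAK_GLASS_GROUP = "11111111-1111-1111-1111-111111111111"  # hypothetical emergency-access accounts group
UK_LOCATION = "22222222-2222-2222-2222-222222222222"        # hypothetical countryNamedLocation id

# Named location in the Graph countryNamedLocation shape (POST /identity/conditionalAccess/namedLocations).
NAMED_LOCATIONS: Dict[str, Dict] = {
    UK_LOCATION: {
        "@odata.type": "#microsoft.graph.countryNamedLocation",
        "displayName": "United Kingdom",
        "countriesAndRegions": ["GB"],
        "includeUnknownCountriesAndRegions": False,  # an unresolvable country does NOT count as the UK
    }
}

def _policy(name: str, conditions: Dict, controls: List[str], operator: str = "OR") -> Dict:
    """conditionalAccessPolicy body (POST /identity/conditionalAccess/policies): all users except the
    break-glass group, Exchange Online only, report-only state so nobody is locked out while you watch the logs."""
    base = {"users": {"includeUsers": ["All"], "excludeGroups": [BREAK_GLASS_GROUP]},
            "applications": {"includeApplications": [EXCHANGE_ONLINE]}, "clientAppTypes": ["all"]}
    return {"displayName": name, "state": "enabledForReportingButNotEnforced",
            "conditions": {**base, **conditions},
            "grantControls": {"operator": operator, "builtInControls": controls}}

# "Only Windows users with a compliant device in the UK": two block policies carve away everything that is
# not Windows or not in the UK, and a grant policy requires device compliance for what is left.
POLICIES = [
    _policy("Block Exchange Online outside the UK",
            {"locations": {"includeLocations": ["All"], "excludeLocations": [UK_LOCATION]}}, ["block"]),
    _policy("Block Exchange Online from non-Windows platforms",
            {"platforms": {"includePlatforms": ["all"], "excludePlatforms": ["windows"]}}, ["block"]),
    _policy("Require compliant device for Exchange Online", {}, ["compliantDevice"], "AND"),
]

def _in_locations(country: Optional[str], ids: List[str]) -> bool:
    if "All" in ids:
        return True
    return any(country in NAMED_LOCATIONS[i]["countriesAndRegions"]
               or (country is None and NAMED_LOCATIONS[i]["includeUnknownCountriesAndRegions"]) for i in ids)

def policy_applies(policy: Dict, signin: Dict) -> bool:
    """True when every assignment of the policy matches the sign-in (each include list minus its exclude list)."""
    c, u = policy["conditions"], policy["conditions"]["users"]
    if "All" not in u["includeUsers"] and signin["user"] not in u["includeUsers"]:
        return False
    if set(signin.get("groups", [])) & set(u.get("excludeGroups", [])):
        return False
    apps = c["applications"]["includeApplications"]
    if "All" not in apps and signin["app"] not in apps:
        return False
    p = c.get("platforms")
    if p and (("all" not in p["includePlatforms"] and signin["platform"] not in p["includePlatforms"])
              or signin["platform"] in p.get("excludePlatforms", [])):
        return False
    loc = c.get("locations")
    if loc and (not _in_locations(signin.get("country"), loc["includeLocations"])
                or _in_locations(signin.get("country"), loc.get("excludeLocations", []))):
        return False
    return True

def evaluate(signin: Dict, policies: List[Dict] = POLICIES) -> Dict:
    """Simplified model (an assumption, not Microsoft's code) of how Azure AD combines policies: every
    applicable policy is evaluated, a block from any of them wins, otherwise all their grant controls must be
    met. Report-only policies are evaluated as if enforced, which is what the sign-in log's report-only view shows."""
    required = set()
    for p in (p for p in policies if policy_applies(p, signin)):
        controls = p["grantControls"]["builtInControls"]
        if "block" in controls:
            return {"result": "block", "policy": p["displayName"]}
        required.update(controls)
    missing = sorted(required - {ctl for ctl in ("compliantDevice", "mfa") if signin.get(ctl)})
    if missing:
        return {"result": "block", "missing": missing}
    return {"result": "allow", "required": sorted(required)}

# Constructed sign-in events in the evaluator's own shape (not real Azure AD sign-in log records).
SIGNINS = {
    "staff_windows_uk": {"user": "alice@example.com", "app": EXCHANGE_ONLINE, "platform": "windows",
                         "country": "GB", "compliantDevice": True},
    "phisher_macbook_france": {"user": "alice@example.com", "app": EXCHANGE_ONLINE, "platform": "macOS",
                               "country": "FR", "compliantDevice": False},
    "staff_windows_uk_byod": {"user": "alice@example.com", "app": EXCHANGE_ONLINE, "platform": "windows",
                              "country": "GB", "compliantDevice": False},
    "break_glass_anywhere": {"user": "emergency@example.com", "groups": [BREAK_GLASS_GROUP],
                             "app": EXCHANGE_ONLINE, "platform": "macOS", "country": "FR"},
}

if __name__ == "__main__":
    for name, event in SIGNINS.items():
        print(f"{name:24s} -> {evaluate(event)}")
```

Two habits the example bakes in are worth copying: every policy starts in report-only mode so the sign-in logs show who would have been blocked before it is switched on, and an emergency-access group is excluded from every policy so a mistake in the rules cannot lock the administrators out too. The portal's What If tool is the authoritative check once the policies exist in the tenant; the local evaluator only demonstrates the block-wins, all-controls-required combination logic.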
Ultimately user education is the best method of preventing login credentials and other sensitive information from being stolen by scammers. However, the technical controls I've touched on go a long way towards making phishing attacks a waste of time for those who carry them out.
Microsoft has also just launched Office 365 Advanced Threat Protection, which draws on thousands of security experts across the globe and on telemetry from 400 billion emails, 1.2 billion devices and 450 billion authentications every single month. Microsoft uses this data to block spam and phishing attacks, and if something manages to sneak through, ATP can "detonate" suspicious links and attachments in a sandbox before they do any harm to the computer.