Editor’s Note: This blog post has since been updated; you can see the updated version of this blog post here.
You’ve heard the statistics… more than 70% of all business users will be provisioned with cloud office applications in the next two years, including email. It’s an overdue modernization that eliminates physical infrastructure to drive cost savings and integrate services for improved productivity.
Chasing this move, cybercriminals intent on account takeover are evolving their tactics, targeting end users with various identity deception scams. Their evolving tactics and your defenses against them deserve a closer look.
Email remains the number one threat vector for data breaches. And Microsoft itself is the number one abused brand when it comes to impersonation email attacks. Common spoofing tactics include malicious emails disguised as Microsoft Office 365 password updates and invitations to edit a OneDrive document linking to a spear-phishing page.
So on the one hand, implementing Office 365 can drive triple-digit ROI. On the other, business email compromise and spear phishing can wipe out the most robust ROI with just one successful attack that results in an account takeover, unauthorized transfer of cash, or loss of intellectual property or sensitive information.
Particularly with the addition of Microsoft Exchange Online Protection (EOP) and Advanced Threat Protection (ATP), Microsoft Office 365 is better protected than any platform that came before it.
Key capabilities such as anti-spam, virus/malware detection, and data loss prevention traditionally found in the secure email gateway have been integrated as native capabilities in the platform. Microsoft’s anti-malware and anti-spam features are often recognized by the marketplace as more impactful than the major SEGs.
With basic email security covered by Microsoft Office 365, many organizations have eliminated their secure email gateway. Meanwhile, attack sophistication has evolved from content-based techniques such as malware and unsafe URLs, to crimes of identity deception that signature-based controls are ill-equipped to address.
Advanced email attacks can appear as plain text messages targeting basic human emotions such as fear, anxiety, and curiosity. These socially engineered attacks trick unsuspecting users into believing they are interacting with a legitimate person or service, when in fact they are being conned.
Agari delivers important capabilities to protect against identity-deception attacks, secure the corporate email sending domain, and detect and respond to threats that have either evaded initial detection or have weaponized post-delivery. These capabilities support cloud-based, on-premises, and hybrid email environments.
This is why enterprises that have adopted Microsoft Office 365 are choosing to pair that investment with the Secure Email Cloud. In fact, two-thirds of Agari customers with Microsoft Office 365 do not use a secure email gateway.
The Secure Email Cloud differs in several remarkable ways from legacy security controls, especially when paired with the built-in controls of Microsoft Office 365. Let’s peel back the layers.
Through the power of predictive AI and advanced machine learning, the Secure Email Cloud fundamentally transforms email security from event-based inspection of incoming messages to continuous detection of, and response to, newly discovered threats. This includes new messages as well as those that have already passed initial inspection and reached the inbox.
This approach stops 99.9% of advanced email attacks, including those that organizations have not seen before, and can delete messages from Microsoft Office 365 inboxes that weaponize after initial security screening. Here’s how it works.
Agari uses what we call the Agari Identity Graph™ to map trust and authenticity relationships between individuals, brands, businesses, services, and domains. We even model organizations within businesses and geographic relationships. The Agari Identity Graph is informed by telematics from around 2 trillion emails annually. It models and scores emails and sending behaviors to the level of around 300 million model updates each day.
The novelty in this approach is that rather than detecting known signatures of malicious email or using static lists of trusted senders or domains, Agari dynamically models the good to detect the bad. Based on mathematical divergence in the scoring from known good emails, Agari applies human-like intelligence and decision making based on tailorable policies to detect and respond to malicious messages.
Agari also automates the processes involved in Domain-based Message Authentication, Reporting, and Conformance (DMARC), making it easy to authenticate messaging and reach enforcement. This prevents cybercriminals from impersonating the brand via email and the associated BEC attacks targeting employees through executive spoofing and customers through consumer phishing and fake invoicing attacks.
The next-generation Secure Email Cloud has distinct advantages for Microsoft Office 365 deployments. It’s a cloud-native offering that augments the native security controls found in Microsoft Office 365, and can remove messages from inboxes that have already passed initial security screening.
That is part of the reason why leading organizations including Honeywell, JPMorgan Chase, Aetna, Apple, Facebook, the United States Senate, Comcast, Air Canada, Apria Healthcare, Google, and even Microsoft choose Agari to protect their customers, employees, and partners against advanced email attacks.