Socially Engineered Attacks: Secure Office 365 Email
While you’re moving your email to the cloud and enjoying the ubiquitous, always-on benefits, be sure you don’t sabotage your experience with a weak security solution.
Many security companies base their approach on legacy secure email gateway architectures which won’t protect you from modern business email compromise threats.
Agari takes a new approach to email security by looking at sender identity (not just URLs or malware) and can protect you from:
- Attacks attempting to fool human perception
- Socially-engineered attacks
- Email spoofing
- Untrusted senders of email
To learn more about Agari’s approach and how we can secure you while you migrate to the cloud, view our infographic.
Office 365 includes Exchange Online Protection (EOP) for basic email security, focusing on spam and virus detection. At an additional cost, you can add Advanced Threat Protection (ATP). Like virtually all other gateway solutions, these controls attempt to stop attacks by looking for malicious content, attachments, URLs, and evidence of bad behavior. However, attackers can easily evade these protections by impersonating trusted individuals, partners or brands and avoiding the use of malicious content. These attacks are bypassing EOP and ATP, as well as next generation approaches that examine content.
EOP is perfect for:
- New and existing spam attacks
- Malware/malicious attachments
- URL-based phishing
EOP cannot stop:
- Low-volume, targeted email attacks
- Zero-day attacks with no existing signatures
- Social engineering-based attacks with no malicious content
- Business email compromise and spear phishing attacks that use identity deception
A View From the Trenches
Customer: Leading provider of cloud solutions
Environment: Microsoft Office 365 with EOP
Attacker goal: To obtain credentials for organization’s AWS account
Tactic: Carefully crafted email with no malicious content targeting AWS admin
Caught by EOP? No
Caught by Office 365 custom rules? No
Caught by Agari Trust Analytics: Yes
Fortify Office 365 With Trust-based Security Which Attackers Can’t Evade
Other approaches rely on trying to predict or detect bad behavior or malicious content. This works if attackers don’t evolve and innovate. Only Agari creates a model of trusted email by analyzing your organization’s inbound email and correlating it with billions of emails every day from the world’s largest email providers, including Google, Microsoft and Yahoo. Then, that trust model is used to categorize and prevent attacks using identity deception from reaching your employees’ inboxes.
Office 365 + Agari: An Unbeatable Combination
- Cloud-native architecture for seamless integration with Office 365
- Eliminates need for custom Office 365 filters or broad quarantine rules
- Stops sophisticated email attacks that evade email content filters