How to Secure Your Microsoft Cloud Estate from Phishing Emails

Written by Six Degrees on 8 February 2021 in Sponsored Article
Sponsored Article

Phishing emails are one of the most pernicious threats facing organisations today. If you’ve been leveraging Microsoft 365 and Azure to keep your users productive whilst working remotely, Six Degrees offers some steps you should take to secure your deployment and protect your organisation from phishing emails.

Phishing emails are one of the most significant cyber threats facing your organisation today. Designed to evade both technical and human defences, phishing emails will remain one of the main threat vectors that hackers use to deliver both ransomware and business email compromise (BEC) attacks in 2021.

What are phishing emails? Phishing emails are sent by cybercriminals, and they pretend to be from someone you trust like your bank or your local council. Their goal is to convince you to do something which they can use to their advantage, such as click on a link to a malicious website or provide login and other personal details.

Your organisation needs to know how to be better at defending against phishing emails. This includes training your people to identify them, implementing processes to deal with them, and hardening your infrastructure to reduce the chance of a phishing email becoming a launchpad for a ransomware or BEC attack.

Secure Your Microsoft Cloud Estate

If you’ve been leveraging Microsoft 365 and Azure to keep your users productive whilst working remotely, there is functionality available to you in these products that will secure your deployment and protect your organisation from phishing emails. Here are the top six, according to our cyber security experts.

  • Enable spam and virus filters. Ensure all filters are enabled and turned on to block and alert mode to ensure known malicious emails are detected and treated well before they are able to enter a user’s mailbox.
  • File type and file analysis. Enable or whitelist file extensions that are used by your organisation so that all others are blocked by default. If your organisation does not use macro-enabled xlsx documents, make sure they are blocked by default.
  • Sandboxing. Most cloud provider email scrubbing systems have the ability to open a suspected email within a segregated safe area to ensure there are no malicious files hidden within. Enabling this feature allows real-time analysis to be performed before it hits a user’s machine.
  • URL inspection. Most cloud providers have the ability to inspect any web links that are contained within the body of an email to determine if the destination is malicious. This is critical to protect against even the most diligent of users against watering hole attacks. Note: A watering hole attack works by identifying a website that's frequented by users within a targeted organisation, or even an entire sector. The website is then compromised to enable the distribution of malware.
  • Domain impersonation/similarity. Mail scrubbing services have an ability to compare the sender information name, domain etc. to known contacts your users deal with. Doman impersonation or similarity is detected as opposed to the user examining in close detail if the name is spelt wrong.
  • SPF/DKIM/DMARC configuration. Sender Policy Framework, Domain Keys Identified Mail and Domain-based Message Authentication, Reporting and Conformance are security controls built into the email infrastructure that confirm originating emails come from a registered server, are not altered or changed from destination and receiving servers, and upon failure of these control parameters can instruct what happens to the email itself.

By following these six configuration steps, you will go some way towards protecting your organisation from phishing emails and the malicious payloads they are designed to deliver. But there’s always more you can do. We’ve provided an additional six steps you can take in our new phishing infographic, which you can download for free from our website.

Secure Your Microsoft Cloud Estate

Microsoft 365 and Azure are keeping organisations running in 2021, giving people the tools they need to deliver essential services whilst working remotely. But this increased reliance on Microsoft cloud services has meant that hackers are targeting them more than ever before to launch ransomware and BEC attacks. As recent high-profile attacks have shown, the damage they can cause to organisations and their residents and citizens is significant.

To book a free Microsoft Cloud Security Assessment with one of our experts that will help you secure your Microsoft 365 and Azure deployments to protect your people and the communities you support, click here and fill out a simple form.

Share this page



Related Articles

Cabinet Office has striven to become anti-fraud leader, leader says
17 May 2023

Permanent secretary Alex Chisholm tells MPs that his department has adopted new measures and worked to increase skills

UK has potential to be cyber ‘world leader’, report finds
3 May 2023

Think tank study praise ‘whole-of-society approach’ to policy but encourages development of specialist workforce

ICO urges Capita customers to ‘check their position’ after 90 organisations report data breaches
31 May 2023

Technology services firm has revealed two data-compromising incidents in recent week


MoD begins work on IT system to register and track evacuees from crisis zones
30 May 2023

Ministry reveals it has begun work on concept phase of potential software tool to manage information on 10,000 people

Related Sponsored Articles

Proactive defence: A new take on cyber security
16 May 2023

The traditional reactive approach to cybersecurity, which involves responding to attacks after they have occurred, is no longer sufficient. Murielle Gonzalez reports on a webinar looking at...