Microsoft 365 Products & Features For Advanced Spam Protection

Back in the early days of the internet and email systems, spam mail would just be rubbish messages such as “Make $5000 a week from X!” or “Growth pills to make you gain muscle quick!”.  These days, spam mail has grown to be much more diverse, and sometimes critically dangerous, in nature.  That’s why, this week, we’re discussing Advanced Spam protection and how it differs from standard Spam Protection.

Spam mail now can target businesses in the form of attacks on both the recipient, as well as networked systems they have access to. Which means everything your workplace runs and all the data in it.

Advanced Spam Filtering helps weed out attacks before they hit your unwitting employees’ inboxes, and can even help reduce your cybersecurity insurance premiums.

Why is spam such a big deal in the workplace?

The type of spam that gets filtered in the workplace is what should be of concern to those in charge.

If emails from that clothing sales Jo in Accounts signed up for are getting through to her Inbox it probably isn’t too worrying, unless you’re concerned about her productivity and she’s not hitting her KPIs.

What is a concern is phishing emails. These are the type of emails that aren’t just “junk mail”, but malicious in nature.

Email scams are evolving

There may be emails that you can easily tell are a scam. Perhaps “tech support” from Windows contacting you, when your whole office runs Mac, or the old Nigerian prince asking for money.

However, phishing and spear-phishing emails have progressed in their maturity, and are now far more convincing, professional, and ultimately (seemingly) trustworthy.

If an official-looking email lands in your inbox that looks just like an invoice from a supplier you already work with, and there’s a link to click to “pay your account”, do you just click it? Do you usually click to pay the account? Is the email address from their domain?

Phishing emails can be hard to spot with the naked eye

Much like you’ve been implementing more advanced technology into your workplace, scammers are also becoming more advanced in their approach to helping funnel funds to their bank accounts, gain access to your systems to steal proprietary info, or hold your data and systems to ransom.

Unfortunately, these smart phishing attempts and whaling (going for the big fish, like the CEO) have become pretty good at slipping past human judgement.

One of the more recent scams that people have fallen for is the mygov scam – which clones the mygov website, eliciting your bank details to send to the “ATO”.  Ransomware is common, where your files are locked up until you pay a ransom – which can be crippling for business.

These sort of scams usually arrive via email.

What Is Advanced Spam Protection?

Advanced Spam Protection is essential for business email systems. If you have an advanced spam filter in place, it’ll give you more protection and help to stop these types of attacks slipping through the gaps. A machine can often be better than a human at deciding whether an email (or attachment) is legitimate or not.

But isn’t spam filtering automatic?

Regardless of your email provider service, there will already be a spam filter in place. But just how good is that filter on its own? Taking a look at an example default Gmail spam folder, you can see what’s in there:

Nothing particularly interesting, and all looking legitimate. Engadget might be annoyed to know their updates are always hitting the Spam folder though.

However, this is only with the default filter set.

There are also “regular” spam filters that administrators can set such as:

• A “safe list” of sender domains, so that all other emails get sent to quarantine or deleted
• A “banned list” to ban specific domains
• Sender country blocking or language blocking
• Automatic quarantining or deletion of bulk email
• Adding headers to messages to let the recipient know a message may be spam
• Spam redirection to another mailbox
• Send only to select users
• Other custom rules

You can view how to do this if you’re Microsoft 365 Administrator with Exchange privileges over at Microsoft.

Will this be enough to stop a scam email coming through though? That’s why you should investigate Advanced Spam Filtering.

How does an Advanced Spam Filter work for business?

An Advanced Spam Filter is set up by account administrators within your business. It goes even further than custom rules set up for spam filtering.

Using Advanced Spam Protection adds weights to certain elements of an email, so if it hits a certain number, then it will be sent to spam.

You can weight elements of an incoming email such as:

• Numeric IP address in URL
• JavaScript or VBScript in HTML
• Keywords
• Embed tags in HTML
• And more

Microsoft 365 administrators can take a closer look at Advanced spam filtering options for more info. This functionality also allows you to test out your spam filtering options before sending it live in the workplace.

Microsoft 365 Products & Features Against Spam

Exchange Online Protection (EOP)

What it Does:
EOP is built into Microsoft 365 and serves as a cloud-based filtering service that helps protect your organization against spam and malware. Exchange Online Protection serves as the first line of defense against malicious content. Built into Microsoft 365, EOP is a cloud-based filtering service that sifts through incoming and outgoing messages to detect spam, malware, and harmful links. Its real-time analytics adapt to evolving threats, ensuring that the most current forms of attack are caught and filtered out.

Multi-layered Protection: EOP uses multiple layers of filtering, including connection, content, and policy filters, to keep your inbox clean.

Zero-hour Outbreak Policy: Immediate response to adapt to quickly changing spam algorithms.

Policy Customization: Allows administrators to customize spam filtering according to the organization’s unique needs.

Advanced Threat Protection (ATP)

What it Does:
While Exchange Online Protection focuses on general spam filtering, Advanced Threat Protection goes a step further by targeting sophisticated attacks like phishing schemes and zero-day malware. Its real-time protection not only scans emails but also attachments and web links, preventing malicious content from compromising your systems.

Real-time Scanning: All incoming and outgoing emails are scanned in real time.

Safe Attachments: Scans attachments in a sandbox environment before they reach your inbox.

Safe Links: Scans URLs in emails and redirects users to a warning page if malicious links are detected.

Phishing Attack Shield: Specifically designed to recognize phishing attempts and prevent them from reaching your inbox.

Email Message Encryption

What it Does:
Microsoft 365 Message Encryption (for Microsoft 365 E3) or Microsoft Purview Message Encryption (for Microsoft 365 E5) offers a level of protection that ensures your sensitive emails remain secure, both during transmission and when stored. It enables you to send encrypted email messages so that only intended recipients who authenticate themselves can decrypt and read them. You can enforce specific encryption rules to ensure compliance with regulations like GDPR, HIPAA, or any other custom requirement.

End-to-End Encryption: Messages are encrypted both in transit and at rest.

Customizable Rules: Allows encryption rules to be tailored to specific compliance needs, like GDPR or HIPAA.

User Verification: Receivers are verified before they can view the encrypted content.

Secure/Multipurpose Internet Mail Extensions (S/MIME)

What it Does:
S/MIME provides an added layer of security by enabling public key encryption for MIME-based messages. It offers more than just encryption; it provides message integrity and sender authentication. Digital signatures ensure that messages aren’t altered in transit, providing another layer of protection against spam and phishing attempts.

Public Key Infrastructure: Enhanced authentication through the use of a public and private key.

Digital Signatures: Provides integrity by ensuring the message was not altered during transmission.

Message-level Security: Offers higher granularity in message encryption compared to transport-level encryption.

Custom Configuration: Blacklists and Whitelists

Add trusted email addresses to a whitelist to ensure they bypass spam filters, and add suspected spam addresses to a blacklist to block them.

Custom Configuration: Transport Rules

You can set up specific rules that apply to emails in transit, flagging or rerouting messages based on predefined conditions.

How should I set up my Advanced Spam Protection?

Each workplace is different and will require different rules. Unfortunately, if you don’t have someone skilled in the art of setting spam filters on your team, it might take a lot of reading, testing, and perfecting to get right. It’ll also require monitoring, as your needs change.

If you are looking for guidance, someone to help set up your Advanced Spam Protection, or even education and administrator training on the topic so that you can implement some solid filtering in your workplace, then make sure to get in contact with us at A1 Technologies. We have plenty of experiencing in email filtering and protection and would be more than happy to help strengthen your systems against the threat of incoming phishing attempts. Get in touch now!

Julia Sinclair-Jones

Tech writer and ex-software developer with a penchant for travel, techno, and data. Spreading the word of secure, manageable, optimised IT solutions for everyone.