Microsoft’s Enhanced Anti-Spoofing Technology Offers Office 365 Users More Secure Email

Last week, my brother called and told me that someone hacked my email and was spamming him. I looked at my email, didn’t notice any weird messages being sent from my account, so I asked him to take a screenshot of the email he’d gotten and to send it to me. When I got it, I looked at the sender and noticed something wrong. It was from an email that looked like mine but wasn’t coming from the correct domain name. It read, shawn.lyles@upi234.com instead of my actual email, which is shawn.lyles@emailbloom.com, as example.

My brother was a victim of email spoofing. He thought my email account was hacked and I was spamming him. I reminded him of my correct email. I also told him he should always pay attention to the domain name following the @ symbol in emails he receives. If my brother didn’t notice it was a spam message and clicked on the links in the email, he could have a serious security breach on his system. Yet, he was still fooled by the sender in thinking it was coming from my email account.

Email spoofing is becoming more popular with hackers and spammers and has increased dramatically, this year. That’s why it’s more important than ever to keep your email secure and to be aware of these increasing attacks.

What is Microsoft doing to help?

Microsoft is continuing to better defend against email spoofing and aims to be the industry leader in email security.

Microsoft believes their new enhanced anti-spoofing capabilities for Office 365 Advanced Threat Protection (ATP), will assist in securing industry wide email.

What does Microsoft’s enhanced anti-spoofing technology do?

Microsoft’s new anti-spoofing capabilities raise the required level of authentication checks for emails sent into Office 365 accounts, by checking for forgery in the ‘From: header’. This helps to protect against spoofed emails being sent from external domains.

For external domains, Office 365 ATP first checks if the email passes SPF, DKIM, and DMARC. If the email doesn’t pass, Office 365 ATP will check for historical sending patterns for that domain and its associated infrastructure. If it detects any unknown patterns or anomalies it will proceed to junk the message, depending on the sender’s reputation. Microsoft’s ant-spoof technology consistently evolves and enhances itself based on the mail flow patterns it observes.

Office 365 ATP customers can access the spoof intelligence report in their Anti-spam Policy, to obtain insights into domains being flagged as spoof mail. From there, administrators can take action on determining the legitimacy of those emails.

Learn more about spoof intelligence here.