Anti-phishing protection - Microsoft Defender for Office 365 (2024)

Table of Contents
In this article Anti-phishing protection in EOP Additional anti-phishing protection in Microsoft Defender for Office 365 Other anti-phishing resources Feedback In this article FAQs
  • Article
  • Applies to:
    Exchange Online Protection, ✅ Microsoft Defender for Office 365 Plan 1 and Plan 2, ✅ Microsoft Defender XDR

Tip

Did you know you can try the features in Microsoft Defender XDR for Office 365 Plan 2 for free? Use the 90-day Defender for Office 365 trial at the Microsoft Defender portal trials hub. Learn about who can sign up and trial terms on Try Microsoft Defender for Office 365.

Phishing is an email attack that tries to steal sensitive information in messages that appear to be from legitimate or trusted senders. There are specific categories of phishing. For example:

  • Spear phishing uses focused, customized content that's specifically tailored to the targeted recipients (typically, after reconnaissance on the recipients by the attacker).

    See Also
    SMS Anti-Phishing - Cellusys

  • Whaling is directed at executives or other high value targets within an organization for maximum effect.

  • Business email compromise (BEC) uses forged trusted senders (financial officers, customers, trusted partners, etc.) to trick recipients into approving payments, transferring funds, or revealing customer data. Learn more by watching this video.

  • Ransomware that encrypts your data and demands payment to decrypt it almost always starts in phishing messages. Anti-phishing protection can't help you decrypt encrypted files, but it can help detect the initial phishing messages that are associated with the ransomware campaign. For more information about recovering from a ransomware attack, see Ransomware incident response playbooks.

With the growing complexity of attacks, it's even difficult for trained users to identify sophisticated phishing messages. Fortunately, Exchange Online Protection (EOP) and the additional features in Microsoft Defender for Office 365 can help.

Anti-phishing protection in EOP

Microsoft 365 organizations with mailboxes in Exchange Online or standalone EOP organizations without Exchange Online mailboxes contain the following features that help protect your organization from phishing threats:

  • Spoof intelligence: Use the spoof intelligence insight to review detected spoofed senders in messages from external and internal domains, and manually allow or block those detected senders. For more information, see Spoof intelligence insight in EOP.

  • Anti-phishing policies in EOP: Turn spoof intelligence on or off, turn unauthenticated sender indicators in Outlook on or off, and specify the action for blocked spoofed senders. For more information, see Configure anti-phishing policies in EOP.

    Honor the sender's DMARC policy when the message is detected as spoof: Control what happens to messages where the sender fails explicit DMARC checks and the DMARC policy is set to p=quarantine or p=reject. For more information, see Spoof protection and sender DMARC policies.

  • Allow or block spoofed senders in the Tenant Allow/Block List: When you override the verdict in the spoof intelligence insight, the spoofed sender becomes a manual allow or block entry that only appears on the Spoofed senders tab on the Tenant Allow/Block Lists page at https://security.microsoft.com/tenantAllowBlockList?viewid=SpoofItem. You can also manually create allow or block entries for spoofed senders before they're detected by spoof intelligence. For more information, see Spoofed senders in the Tenant Allow/Block List.

  • Implicit email authentication: EOP enhances standard email authentication checks for inbound email (SPF, DKIM, and DMARC with sender reputation, sender history, recipient history, behavioral analysis, and other advanced techniques to help identify forged senders. For more information, see Email authentication in Microsoft 365.

Additional anti-phishing protection in Microsoft Defender for Office 365

Microsoft Defender for Office 365 contains additional and more advanced anti-phishing features:

  • Anti-phishing policies in Microsoft Defender for Office 365:
    • Configure impersonation protection settings for specific message senders and sender domains, mailbox intelligence settings, and adjustable advanced phishing thresholds. For more information, see Configure anti-phishing policies in Microsoft Defender for Office 365.
    • Details about detected impersonation attempts are available in the impersonation insight. For more information, see Impersonation insight in Defender for Office 365.
    • For more information about the differences between anti-phishing policies in EOP and anti-phishing policies in Defender for Office 365, see Anti-phishing policies in Microsoft 365.
  • Campaign Views: Machine learning and other heuristics identify and analyze messages that are involved in coordinated phishing attacks against the entire service and your organization. For more information, see Campaign Views in Microsoft Defender for Office 365.
  • Attack simulation training: Admins can create fake phishing messages and send them to internal users as an education tool. For more information, see Get started using Attack simulation training.

Other anti-phishing resources

  • For end users: Protect yourself from phishing schemes and other forms of online fraud.
  • How Microsoft 365 validates the From address to prevent phishing.

Feedback

Was this page helpful?

Provide product feedback

Anti-phishing protection - Microsoft Defender for Office 365 (2024)

FAQs

Does Microsoft Defender protect against phishing? ›

In organizations with Microsoft Defender for Office 365, anti-phishing policies provide the following types of protection: The same anti-spoofing protection that's available in Exchange Online Protection (EOP). For more information, see Spoof settings. Anti-impersonation protection from other types of phishing attacks.

Read On
What is the anti-phishing policy in Office 365? ›

Anti-phishing has a default policy that applies to all recipients where anti-spoofing protection is turned on by default. Impersonation protection isn't turned on in the policy, and therefore needs to be configured. For instructions, see Configure anti-phishing policies in Microsoft Defender for Office 365.

Discover More Details
Which Microsoft 365 Defender solution can detect a phishing email? ›

Anti-phishing protection in EOP

Spoof intelligence: Use the spoof intelligence insight to review detected spoofed senders in messages from external and internal domains, and manually allow or block those detected senders.

Continue Reading
How to block phishing emails in Office 365? ›

How To Stop Phishing Emails: Office 365
  1. Office 365 comes with a comprehensive set of features to control spam.
  2. Go to Admin→Security and Compliance→Home→Mail filtering→Anti-spam settings.
  3. The admin can stick to standard settings or customize it.

See Details
Do I need another antivirus if I have Microsoft Defender? ›

If you have Defender for Endpoint, you can benefit from running Microsoft Defender Antivirus alongside another antivirus solution. For example, Endpoint detection and response (EDR) in block mode provides added protection from malicious artifacts even if Microsoft Defender Antivirus isn't the primary antivirus product.

Find Out More
What is the best anti-phishing software? ›

The Top 11 Phishing Protection Solutions include:
  • Abnormal Security.
  • Material Security.
  • Agari.
  • Avanan.
  • Barracuda Sentinel.
  • Microsoft Defender for Office 365.
  • Mimecast.
  • Proofpoint Essentials.
Jul 19, 2024

Tell Me More
How do I enable phishing protection in Office 365? ›

5 ways to prevent a phishing attack in Microsoft 365
  1. Enable Multi-Factor Authentication (MFA) Implement MFA for all user accounts. ...
  2. User Education. ...
  3. Set up Anti-Phishing Policies. ...
  4. Implement Domain-based Message Authentication, Reporting, and Conformance (DMARC) ...
  5. Regularly Update Security Software.
Jul 10, 2024

Show Me More
Does Microsoft do anything about phishing emails? ›

Spoof Intelligence from Microsoft 365 Advanced Threat Protection and Exchange Online Protection help prevent phishing messages from reaching your Outlook inbox. Outlook verifies that the sender is who they say they are and marks malicious messages as junk email.

Explore More
Where is the phishing button in Office 365? ›

Report Phishing Extension is a special button that appears on the email message taskbar in the right top corner. This allows users to easily report suspicious emails and helps organizations assess the effectiveness of their anti-phishing training.

Continue Reading
How do I permanently block phishing emails? ›

Here is how to stop spam emails:
  1. Report the email as spam.
  2. Block spam email addresses.
  3. Change your email privacy settings.
  4. Unsubscribe from unwanted newsletters or mailing lists.
  5. Use a secondary email address.
  6. Use a third-party email filter.
  7. Delete suspicious emails.
  8. Protect your device against malicious spam.
Feb 7, 2023

Show Me More

How do I bypass phishing filter in Office 365? ›

Steps to Bypass spam filtering in o365 :
  1. Log in to the O365 admin center and then click exchange.
  2. In the exchange admin center, click on Mail Flow.
  3. Navigate to rules and click on the plus icon (+).
  4. Select Bypass Spam filtering.
  5. In the new tab, Specify a name to the rule.

Read The Full Story
Which email is most likely phishing? ›

Requests for personal information: Legitimate companies won't ask for sensitive information like passwords or Social Security numbers through email. If an email tells you to verify your account by clicking a link and entering your login details, it's likely a phishing attempt.

See Details
What is the best protection against phishing? ›

How to prevent phishing attacks
  • Evaluate emails for suspicious elements. ...
  • Do not share personal information. ...
  • Block spam. ...
  • Use email security protocols. ...
  • Run a browser isolation service. ...
  • Filter harmful traffic with a secure web gateway. ...
  • Verify the message with the sender.

Get More Info Here
Is Microsoft Defender enough protection? ›

Having multiple antivirus or antimalware software installed on your device can cause conflicts and slow down your system's performance. In summary, Microsoft Defender is a sufficient protection solution for your devices, and you do not need to have another antivirus or antimalware software installed if you have it.

Continue Reading
Does Windows Defender protect against hackers? ›

Viruses, ransomware, spyware, and more are all types of malware. Microsoft Defender has powerful built-in features that can help protect your device against malware. Note: Microsoft Defender currently offers anti-malware only on Windows, Mac, and Android.

View More
What does Windows Defender defend against? ›

Windows defender is a built-in antivirus and antimalware solution provided by Microsoft for Windows operating systems. It helps protect your computer against various threats such as viruses, spyware, ransomware, and other malicious software.

View Details
Top Articles
FAOLEX
What is the different between a Like and a Follow on Facebook?
Menards Thermal Fuse
Friskies Tender And Crunchy Recall
Farepay Login
Unblocked Games Premium Worlds Hardest Game
Craigslist Campers Greenville Sc
Booknet.com Contract Marriage 2
Crime Scene Photos West Memphis Three
Gina's Pizza Port Charlotte Fl
Tcu Jaggaer
Explore Top Free Tattoo Fonts: Style Your Ink Perfectly! 🖌️
Dumb Money
Local Collector Buying Old Motorcycles Z1 KZ900 KZ 900 KZ1000 Kawasaki - wanted - by dealer - sale - craigslist
Dutchess Cleaners Boardman Ohio
Money blog: Domino's withdraws popular dips; 'we got our dream £30k kitchen for £1,000'
Mile Split Fl
Michigan cannot fire coach Sherrone Moore for cause for known NCAA violations in sign-stealing case
Khiara Keating: Manchester City and England goalkeeper convinced WSL silverware is on the horizon
Iu Spring Break 2024
Nick Pulos Height, Age, Net Worth, Girlfriend, Stunt Actor
De beste uitvaartdiensten die goede rituele diensten aanbieden voor de laatste rituelen
All Obituaries | Buie's Funeral Home | Raeford NC funeral home and cremation
Sizewise Stat Login
Yisd Home Access Center
Contracts for May 28, 2020
Fleet Farm Brainerd Mn Hours
California Online Traffic School
Sam's Club Gas Price Hilliard
Is Light Raid Hard
Gma' Deals & Steals Today
12657 Uline Way Kenosha Wi
The Clapping Song Lyrics by Belle Stars
Tripcheck Oregon Map
Wheeling Matinee Results
Dtlr On 87Th Cottage Grove
Vlocity Clm
Graphic Look Inside Jeffrey Dresser
Tamilrockers Movies 2023 Download
The Ride | Rotten Tomatoes
Craigslist Mount Pocono
Buhsd Studentvue
Live Delta Flight Status - FlightAware
The Largest Banks - ​​How to Transfer Money With Only Card Number and CVV (2024)
Santa Clara County prepares for possible ‘tripledemic,’ with mask mandates for health care settings next month
Academic Notice and Subject to Dismissal
My Eschedule Greatpeople Me
Kjccc Sports
Caphras Calculator
Syrie Funeral Home Obituary
Sapphire Pine Grove
SF bay area cars & trucks "chevrolet 50" - craigslist
Latest Posts
Lowe's
The best stock photo libraries
Article information

Author: Terence Hammes MD

Last Updated:

Views: 5917

Rating: 4.9 / 5 (69 voted)

Reviews: 92% of readers found this page helpful

Author information

Name: Terence Hammes MD

Birthday: 1992-04-11

Address: Suite 408 9446 Mercy Mews, West Roxie, CT 04904

Phone: +50312511349175

Job: Product Consulting Liaison

Hobby: Jogging, Motor sports, Nordic skating, Jigsaw puzzles, Bird watching, Nordic skating, Sculpting

Introduction: My name is Terence Hammes MD, I am a inexpensive, energetic, jolly, faithful, cheerful, proud, rich person who loves writing and wants to share my knowledge and understanding with you.