Gone Phishing? Tips to Avoid Email Compromise

6/20/2019 - By Jason Keith, CIA

Email hacking isn’t new but for Microsoft CEO, Satya Nadella, Office 365 “O365” and it's 180 million active users and counting, it could become a crisis. With more than 4 million new users a month, the rapid corporate adoption of this platform makes it a huge target for the hacker community. According to Juniper Research, the global cost for cybercrime has the capability of reaching $2 trillion by the end of 2019. With $2 trillion you could buy the NFL franchise, the entire Apple company and still have pocket change to spend $1 million a day for over 3,000 years.

Cofense PhishMe, a security awareness and solutions company, conducted a research campaign on 1,000 of its customers and concluded that 91% of cyber-attacks are the result of phishing emails. Phishing is a fraudulent attempt to obtain sensitive information by distinguishing oneself as a trustworthy entity in the form of electronic communication. 

With phishing becoming a rapid problem, the Department of Homeland Security NCCIC released Analysis Report (AR19-133A) in May of this year that included suggestions and observations for O365 implementations. In the report the Cyber Security Infrastructure Agency (CISA) made the following five suggestions:

  • Use multi-factor authentication (suggested for administrator but should be utilized by all)
  • Enable unified audit logging (newer implementations likely do this automatically)
  • Enable mailbox auditing for users (again newer implementations likely do this automatically)
  • Ensure Azure AD password sync is configured correctly prior to user migration
  • Disable legacy email protocols  

The best suggestion from the CISA to protect your environment is to use multi-factor authentication. It isn’t perfect but it does make you less susceptible to a hack than many others. Proper authentication doesn’t always require a text to your phone at login. Consider the following actions to further harden your O365 implementation:

  • Remove remote Powershell from O365
  • Enhance your training with phishing campaigns and train on weaknesses identified
  • Know your Microsoft secure score and consider improving it by taking a closer look at the control list of actions worth improving
  • Verify that outsourced providers have taken reasonable security precautions because you don’t want to find out the hard way

Securing your email environment is possibly one of the most cost-effective ways you can prevent yourself from becoming a part of a phishing scam. Please email me or contact a member of our Information Technology team to learn more about how you can prevent a cybersecurity attack.  

About the Author | Jason Keith, CIA
Jason is a consultant in the Financial Institution Advisory Group of Saltmarsh, Cleaveland & Gund. Jason specializes in technology solutions for various practice areas within financial institutions. Over the past 18 years, he has served in financial institutions as a Compliance Officer, Internal Bank Director, Operations Officer, Credit Administration Officer, Lender, Accountant, Chief Information Officer, Internal Auditor, and Risk Officer. 

Related Posts