Gone Phishing? Tips to Avoid Email Compromise

6/20/2019 - By Jason Keith, CIA

Email hacking isn’t new, but for Microsoft CEO Satya Nadella, Office 365 (“O365”) and its 180 million active users (and counting), it could become a crisis. With more than 4 million new users a month, the rapid corporate adoption of the platform makes it an enormous target for attackers. According to Juniper Research, the global cost of cybercrime could reach $2 trillion by the end of 2019. With $2 trillion you could buy an NFL franchise and the entire Apple company, and still have enough pocket change to spend $1 million a day for over 3,000 years.

Cofense PhishMe, a security awareness and solutions company, ran a research campaign across 1,000 of its customers and concluded that 91% of cyber-attacks begin with a phishing email. Phishing is a fraudulent attempt to obtain sensitive information by disguising oneself as a trustworthy entity in an electronic communication.

With phishing a rapidly growing problem, the Department of Homeland Security’s NCCIC released Analysis Report AR19-133A in May of this year with observations and recommendations for O365 implementations. In the report the Cybersecurity and Infrastructure Security Agency (CISA) made the following five recommendations:

  • Use multi-factor authentication (CISA calls it out for administrators, but every user should have it)
  • Enable unified audit logging (newer tenants likely have this on already, so verify rather than assume)
  • Enable mailbox auditing for users (again, newer tenants likely have this on by default, so verify)
  • Ensure Azure AD password sync is planned for and configured correctly before migrating users
  • Disable legacy email protocols (POP3, IMAP and basic-authentication SMTP) wherever they are not required, because they cannot enforce multi-factor authentication and are the usual way around it
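The script below is an added example, not part of the original post or CISA’s report, showing how an administrator can verify the audit-logging, mailbox-auditing and legacy-protocol items from that list against a live tenant with the ExchangeOnlineManagement module and, with the `-Apply` switch, correct them. The password-sync item is checked in Azure AD Connect rather than here. The admin account name and the authentication-policy name are assumptions; the script only reports unless `-Apply` is given.

```powershell
# Added example: audit (and optionally fix) three of the CISA AR19-133A items
# in Exchange Online. Assumes the ExchangeOnlineManagement module is installed
# and you hold an Exchange or Global Administrator role.
#Requires -Modules ExchangeOnlineManagement
param(
    [string]$AdminUpn   = "admin@contoso.onmicrosoft.com",  # assumption: your admin account
    [string]$PolicyName = "Block Basic Auth",                 # assumption: name for the auth policy
    [switch]$Apply                                             # report only unless this is set
)

Connect-ExchangeOnline -UserPrincipalName $AdminUpn -ShowBanner:$false
$findings = New-Object System.Collections.Generic.List[string]

# 1. Unified audit logging must be ingesting events, or investigations have nothing to read.
$audit = Get-AdminAuditLogConfig
if (-not $audit.UnifiedAuditLogIngestionEnabled) {
    $findings.Add("Unified audit log ingestion is disabled")
    if ($Apply) { Set-AdminAuditLogConfig -UnifiedAuditLogIngestionEnabled $true }
}

# 2. Mailbox auditing: the tenant-level default-on switch must not have been turned off,
#    and no individual user mailbox should have auditing switched off.
$org = Get-OrganizationConfig
if ($org.AuditDisabled) {
    $findings.Add("Mailbox auditing is disabled at the organization level")
    if ($Apply) { Set-OrganizationConfig -AuditDisabled $false }
}
Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox |
    Where-Object { -not $_.AuditEnabled } |
    ForEach-Object {
        $findings.Add("Mailbox auditing off for $($_.UserPrincipalName)")
        if ($Apply) { Set-Mailbox -Identity $_.Identity -AuditEnabled $true }
    }

# 3. Legacy protocols: disable POP3/IMAP per mailbox and block basic authentication
#    tenant-wide. A new authentication policy blocks basic auth for every protocol by default.
Get-CASMailbox -ResultSize Unlimited |
    Where-Object { $_.PopEnabled -or $_.ImapEnabled } |
    ForEach-Object {
        $findings.Add("POP/IMAP still enabled for $($_.Identity)")
        if ($Apply) { Set-CASMailbox -Identity $_.Identity -PopEnabled $false -ImapEnabled $false }
    }
if (-not (Get-AuthenticationPolicy -Identity $PolicyName -ErrorAction SilentlyContinue)) {
    $findings.Add("No basic-auth blocking policy named '$PolicyName' exists")
    if ($Apply) {
        New-AuthenticationPolicy -Name $PolicyName | Out-Null
        Set-OrganizationConfig -DefaultAuthenticationPolicy $PolicyName
    }
}
elseif ($org.DefaultAuthenticationPolicy -ne $PolicyName) {
    $findings.Add("'$PolicyName' exists but is not the tenant default")
    if ($Apply) { Set-OrganizationConfig -DefaultAuthenticationPolicy $PolicyName }
}

if ($findings.Count -eq 0) { Write-Host "All checked items are compliant." }
else { $findings | ForEach-Object { Write-Warning $_ } }

Disconnect-ExchangeOnline -Confirm:$false
```

Run it once without `-Apply` and read the warnings before changing anything: a mailbox that genuinely needs IMAP (a scanner, a line-of-business application) should get an exception policy scoped to that one account rather than a tenant-wide allowance. Changes to the default authentication policy can take up to 24 hours to apply to existing sessions.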

The most valuable of CISA’s recommendations is multi-factor authentication. It isn’t perfect, but it makes you a far harder target than the many organizations that still rely on passwords alone. Multi-factor authentication doesn’t have to mean a text message to your phone at login: authenticator apps and hardware security keys are stronger options, and a text message is the weakest of the three. Consider the following actions to further harden your O365 implementation:

  • Disable remote PowerShell access to O365 for every account that does not administer it, which is nearly everyone but your administrators
  • Enhance your training with simulated phishing campaigns, then train on the weaknesses they reveal
  • Know your Microsoft Secure Score and improve it by working through the list of recommended actions it provides
  • Verify that outsourced providers have taken reasonable security precautions, because you don’t want to find out the hard way
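The following is an added example, not code from the original post, for the first bullet above: it turns off Exchange Online remote PowerShell for every ordinary user mailbox while keeping it for a named allow list of administrator accounts, and refuses to run if the account you are connected with is not on that list. The account names are assumptions; as with the previous script, nothing changes unless `-Apply` is given.

```powershell
# Added example: restrict remote PowerShell to named administrator accounts.
# Assumes the ExchangeOnlineManagement module is installed and an Exchange or
# Global Administrator role. Every value below is an assumption for illustration.
#Requires -Modules ExchangeOnlineManagement
param(
    [string]$AdminUpn = "admin@contoso.onmicrosoft.com",                     # assumption
    [string[]]$KeepEnabled = @("admin@contoso.onmicrosoft.com",
                               "breakglass@contoso.onmicrosoft.com"),        # assumption
    [switch]$Apply
)

# Guard against locking yourself out: the connecting account must stay enabled.
if ($KeepEnabled -notcontains $AdminUpn) {
    throw "Refusing to run: $AdminUpn is not in the allow list and would lose access."
}

Connect-ExchangeOnline -UserPrincipalName $AdminUpn -ShowBanner:$false

# Only regular user mailboxes are considered; the allow list is matched on UPN.
$targets = Get-User -ResultSize Unlimited -RecipientTypeDetails UserMailbox |
    Where-Object { $_.RemotePowerShellEnabled -and ($KeepEnabled -notcontains $_.UserPrincipalName) }

Write-Host ("{0} user(s) still have remote PowerShell enabled." -f @($targets).Count)

foreach ($user in $targets) {
    if ($Apply) {
        Set-User -Identity $user.Identity -RemotePowerShellEnabled $false
        Write-Host "Disabled remote PowerShell for $($user.UserPrincipalName)"
    }
    else {
        Write-Host "Would disable remote PowerShell for $($user.UserPrincipalName)"
    }
}

Disconnect-ExchangeOnline -Confirm:$false
```

New accounts are created with remote PowerShell enabled, so this should run on a schedule or be wired into your user-provisioning process rather than treated as a one-time cleanup. Also populate the allow list from your actual admin role-group membership before running it with `-Apply`, and keep a break-glass account on it.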

Securing your email environment is one of the most cost-effective ways to avoid becoming the victim of a phishing scam. Please email me or contact a member of our Information Technology team to learn more about how you can prevent a cybersecurity attack.

About the Author | Jason Keith, CIA
Jason is a consultant in the Financial Institution Advisory Group of Saltmarsh, Cleaveland & Gund. Jason specializes in technology solutions for various practice areas within financial institutions. Over the past 18 years, he has served in financial institutions as a Compliance Officer, Internal Bank Director, Operations Officer, Credit Administration Officer, Lender, Accountant, Chief Information Officer, Internal Auditor, and Risk Officer. 
