Anti-phishing policies
In addition to Safe Links, Microsoft Defender for Office 365 implements anti-phishing policies to protect against identity spoofing and fraudulent email attempts. These policies are driven by cutting-edge machine learning models and advanced analysis techniques, operating in the following manner (Microsoft, 2023):
- User and domain impersonation protection: These policies effectively detect and flag emails that try to mimic well-known usernames and domain names, diminishing the success rate of spear-phishing attempts that rely on impersonating trusted entities. Examples of the types of attack this protects against are when an attacker sends an urgent email pretending to be an executive to a help desk to get administrators to click on a malicious link, or even when the attacker sends malicious messages to external entities via compromised parts of a victim’s infrastructure as seen in business email compromise attacks. In this typical type of attack...