Recognizing phishing: best practices

Oda Gyland Lindesteg


Phishing attacks continue to be a significant threat to organizations worldwide. According to this report by Egress, 94% of firms were hit by phishing attacks in 2023. As this statistic demonstrates, phishing remains a persistent threat that organizations cannot afford to ignore. Cybercriminals use deceptive tactics to trick users into revealing sensitive information, compromising security, and causing financial losses. As businesses increasingly rely on Microsoft 365 for communication and collaboration, implementing robust anti-phishing measures becomes crucial. In this blog, we’ll explore best practices to protect your organization from phishing attacks.

Familiarize yourself with common warning signs:

Unfamiliar greetings or tones

“Dear Customer” (without using your actual name) or an overly formal tone that does not match the usual communication style.

Suspicious Links or Attachments

An email with a link that seems unrelated to the sender or that uses a long, convoluted URL, for example “Click here to claim your prize!” pointing at a suspicious link.

Unsolicited Messages

Receiving an unexpected email or message from an unknown sender, especially if it asks for sensitive information.

Requests for Personal Information

“We need you to update your credit card details immediately. Click this link to proceed.”

Grammar and Spelling Errors

“Your account has been compromized. Please click here to verify your identity.” (Note the misspelled word “compromized”.)

Inconsistencies in Email Addresses or Links

The sender’s email address is different from the official domain (e.g., “” vs. “”).

A Sense of Urgency

“Your account will be suspended in 24 hours unless you act now! Click this link to prevent it:”

Unusual Alerts Claiming You’ve Won Something

“Congratulations! You’ve won a luxury vacation. Provide your personal details to claim your prize.”
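The warning signs listed above can also be checked mechanically before a message ever reaches a reader. The following PowerShell function is an added example (not code from the original post or from Infotechtion) that scores a parsed message against those indicators: a generic greeting, a Reply-To domain that differs from the From domain, a sender domain that is a close lookalike of a trusted domain, urgency wording, requests for sensitive data, prize lures, and link text whose visible host differs from the actual target. The hashtable input format, the `$TrustedDomains` default, the keyword lists and the sample message are all constructed assumptions; parsing a real `.eml` into that hashtable is left to the caller.

```powershell
# Added example, not part of the original post. The hashtable input format is an assumption.
function Get-LevenshteinDistance {
    param([string]$A, [string]$B)
    $d = [int[,]]::new($A.Length + 1, $B.Length + 1)
    for ($i = 0; $i -le $A.Length; $i++) { $d[$i, 0] = $i }
    for ($j = 0; $j -le $B.Length; $j++) { $d[0, $j] = $j }
    for ($i = 1; $i -le $A.Length; $i++) {
        for ($j = 1; $j -le $B.Length; $j++) {
            $cost = if ($A[$i - 1] -eq $B[$j - 1]) { 0 } else { 1 }
            $d[$i, $j] = [Math]::Min([Math]::Min($d[$i - 1, $j] + 1, $d[$i, $j - 1] + 1), $d[$i - 1, $j - 1] + $cost)
        }
    }
    return $d[$A.Length, $B.Length]
}

function Test-PhishingIndicators {
    param(
        # Keys: From, ReplyTo, DisplayName, Subject, Body, Links (array of @{ Text; Href })
        [Parameter(Mandatory)] [hashtable] $Message,
        # Domains your users legitimately receive mail from (assumption: replace with your own)
        [string[]] $TrustedDomains = @('contoso.com')
    )
    $findings   = [System.Collections.Generic.List[string]]::new()
    $fromDomain = ($Message.From -split '@')[-1].ToLowerInvariant()
    $text       = "$($Message.Subject) $($Message.Body)"

    # Unfamiliar greeting: "Dear Customer" instead of the recipient's name
    if ($Message.Body -match '^\s*Dear\s+(Customer|User|Client|Member|Sir/Madam)\b') {
        $findings.Add('Generic greeting instead of recipient name')
    }

    # Inconsistent addresses: replies would go to a different domain than the visible sender
    if ($Message.ReplyTo) {
        $replyDomain = ($Message.ReplyTo -split '@')[-1].ToLowerInvariant()
        if ($replyDomain -ne $fromDomain) {
            $findings.Add("Reply-To domain '$replyDomain' differs from From domain '$fromDomain'")
        }
    }

    # Lookalike sender domain: within edit distance 2 of a trusted domain but not equal to it
    # (short trusted domains will produce false positives; tune the threshold for your list)
    foreach ($trusted in $TrustedDomains) {
        $t = $trusted.ToLowerInvariant()
        if ($fromDomain -ne $t -and (Get-LevenshteinDistance $fromDomain $t) -le 2) {
            $findings.Add("Sender domain '$fromDomain' resembles trusted domain '$t'")
        }
    }

    # A sense of urgency
    if ($text -match '\b(immediately|within 24 hours|act now|will be suspended|urgent)\b') {
        $findings.Add('Urgency language')
    }

    # Requests for personal information
    if ($text -match '\b(password|credit card|verify your (identity|account)|update your (payment|billing|card))\b') {
        $findings.Add('Request for sensitive information')
    }

    # Unusual alerts claiming you have won something
    if ($text -match "\b(congratulations|you('ve| have) won|claim your prize)\b") {
        $findings.Add('Prize or lottery lure')
    }

    # Suspicious links: the visible text names one host while the real target is another
    foreach ($link in @($Message.Links)) {
        if (-not $link) { continue }
        $target = $null
        if (-not [uri]::TryCreate([string]$link.Href, [UriKind]::Absolute, [ref]$target)) {
            $findings.Add("Malformed link target '$($link.Href)'")
            continue
        }
        $targetHost = $target.Host.ToLowerInvariant()
        if ($link.Text -match '^(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})') {
            $shownHost = $Matches[1].ToLowerInvariant()
            if ($shownHost -ne $targetHost) {
                $findings.Add("Link text shows '$shownHost' but points to '$targetHost'")
            }
        }
    }

    [pscustomobject]@{ Score = $findings.Count; Findings = $findings.ToArray() }
}

# Constructed sample message (not a real phishing email) that triggers several indicators
$sample = @{
    From        = 'security@c0ntoso.com'
    ReplyTo     = 'reset@mail-verify.example'
    DisplayName = 'Contoso IT'
    Subject     = 'Your account will be suspended in 24 hours'
    Body        = 'Dear Customer, please click the link below to verify your identity immediately.'
    Links       = @(@{ Text = 'https://contoso.com/login'; Href = 'https://contoso-login.example/verify' })
}
Test-PhishingIndicators -Message $sample -TrustedDomains 'contoso.com' | Format-List
```

The score is a count of independent indicators rather than a probability: a single hit (for example urgency wording in a genuine password-expiry notice) is weak evidence, while three or more together are a strong signal worth routing to a reviewer or a quarantine queue.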

How to protect your organization from phishing attacks leveraging Microsoft 365:

Anti-phishing policies in Microsoft Defender for Office 365

Microsoft Defender for Office 365 provides powerful anti-phishing capabilities. Here is what you need to know:

  • Anti-Spoofing Protection: Leveraging the same anti-spoofing protection available in Exchange Online Protection (EOP), Microsoft Defender guards against domain impersonation and email spoofing.
  • Anti-Impersonation Protection: Beyond spoofing, it defends against impersonation-based phishing. You can configure custom anti-phishing policies for specific users, groups, or domains within your organization.
  • Customization: Fine-tune your anti-phishing policies in the Microsoft Defender portal or via Exchange Online PowerShell. Customize settings for message senders, sender domains, mailbox intelligence, and advanced phishing thresholds.
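As an added example of the Exchange Online PowerShell route mentioned above (not code from the original post, from Infotechtion or from Microsoft's documentation), the script below creates a custom anti-phishing policy covering the settings the three bullets describe: spoof intelligence, targeted user and domain impersonation protection, mailbox intelligence, safety tips and the advanced phishing threshold, then binds it to recipients with a rule. The policy name, the admin UPN, the protected user and the partner domain are placeholders; it assumes the ExchangeOnlineManagement module is installed and the account holds a role allowed to manage threat policies.

```powershell
# Added example, not Microsoft's or the original post's code. Names, UPNs and domains are placeholders.
Connect-ExchangeOnline -UserPrincipalName 'admin@contoso.com'   # placeholder admin account

$policyName = 'Anti-Phish Executives'   # assumption: a custom policy for high-value recipients

$policyParams = @{
    Name                                = $policyName
    # Spoof intelligence (the same engine EOP uses): unauthenticated senders go to Junk
    EnableSpoofIntelligence             = $true
    AuthenticationFailAction            = 'MoveToJmf'
    EnableUnauthenticatedSender         = $true     # "?" marker on unauthenticated senders
    EnableViaTag                        = $true     # "via" tag when From and sending domain differ
    # Impersonation protection for named users, your own domains and selected partner domains
    EnableTargetedUserProtection        = $true
    TargetedUsersToProtect              = @('Jane Doe;jane.doe@contoso.com')   # "DisplayName;Email"
    TargetedUserProtectionAction        = 'Quarantine'
    EnableOrganizationDomainsProtection = $true
    EnableTargetedDomainsProtection     = $true
    TargetedDomainsToProtect            = @('contoso-partner.example')         # placeholder
    TargetedDomainProtectionAction      = 'Quarantine'
    # Mailbox intelligence learns each user's usual contacts and flags lookalike senders
    EnableMailboxIntelligence           = $true
    EnableMailboxIntelligenceProtection = $true
    MailboxIntelligenceProtectionAction = 'MoveToJmf'
    # Safety tips shown to the recipient
    EnableFirstContactSafetyTips        = $true
    EnableSimilarUsersSafetyTips        = $true
    EnableSimilarDomainsSafetyTips      = $true
    EnableUnusualCharactersSafetyTips   = $true
    # Advanced phishing threshold: 1 = Standard, 2 = Aggressive, 3 = More aggressive, 4 = Most aggressive
    PhishThresholdLevel                 = 2
}
New-AntiPhishPolicy @policyParams

# A rule decides who the policy applies to; the lowest Priority number wins when several rules match
New-AntiPhishRule -Name "$policyName Rule" `
    -AntiPhishPolicy $policyName `
    -SentTo 'jane.doe@contoso.com' `
    -Priority 0

# Read the effective settings back to confirm the policy was created as intended
Get-AntiPhishPolicy -Identity $policyName |
    Select-Object Name, EnableSpoofIntelligence, EnableTargetedUserProtection,
                  TargetedUserProtectionAction, MailboxIntelligenceProtectionAction, PhishThresholdLevel

Disconnect-ExchangeOnline -Confirm:$false
```

Quarantine is chosen for explicit impersonation matches because those are high-confidence detections, while mailbox-intelligence hits go to Junk, where a false positive costs the user a glance at the folder rather than a missed message; raise the threshold level only after reviewing what the lower level already catches.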

Email Protection with Exchange Online Protection (EOP)

Microsoft 365’s Exchange Online Protection (EOP) serves as a first line of defense against phishing emails. EOP utilizes advanced threat intelligence and machine learning algorithms to identify and block malicious content before it reaches users’ inboxes. By filtering out suspicious emails and attachments, EOP helps prevent phishing attempts from ever reaching your organization’s network.

Advanced Threat Protection (ATP)

Enhance your defense against phishing with Microsoft 365’s Advanced Threat Protection (ATP). ATP offers additional layers of security by analyzing email attachments and links in real time to detect and block malicious content. ATP’s Safe Links feature provides URL rewriting and time-of-click verification, ensuring users are directed to safe destinations even if the original link was malicious.

Multi-Factor Authentication (MFA) with Azure Active Directory (AAD)

Implement Multi-Factor Authentication (MFA) across your organization using Azure Active Directory (AAD) in Microsoft 365. MFA adds an extra layer of security by requiring users to provide multiple forms of verification before accessing accounts or sensitive information. By leveraging MFA, you can mitigate the risk of unauthorized access resulting from compromised credentials obtained through phishing attacks.
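In Azure AD (now Microsoft Entra ID) the organization-wide MFA requirement described above is normally expressed as a Conditional Access policy. The following script is an added example (not code from the original post, from Infotechtion or from Microsoft's documentation) that creates such a policy with the Microsoft Graph PowerShell SDK, first in report-only mode so the effect can be reviewed in sign-in logs, then enforced. The policy name and the break-glass account object id are placeholders; it assumes the Microsoft.Graph module is installed and the signed-in account may manage Conditional Access.

```powershell
# Added example, not the original post's code. Requires the Microsoft.Graph PowerShell SDK.
Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess', 'Policy.Read.All'

# Assumption: a dedicated emergency-access (break-glass) account exists. Excluding it keeps a
# mis-scoped policy from locking every administrator out of the tenant at once.
$breakGlassAccountId = '<object-id-of-break-glass-account>'   # placeholder

$policy = @{
    displayName   = 'CA001 - Require MFA for all users'   # placeholder name
    # Report-only: sign-in logs record what the policy would have done without enforcing it
    state         = 'enabledForReportingButNotEnforced'
    conditions    = @{
        users          = @{
            includeUsers = @('All')
            excludeUsers = @($breakGlassAccountId)
        }
        applications   = @{ includeApplications = @('All') }
        clientAppTypes = @('all')
    }
    grantControls = @{
        operator        = 'OR'
        builtInControls = @('mfa')   # require multi-factor authentication to grant access
    }
}

$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
$created | Select-Object Id, DisplayName, State

# Once the report-only results look right, switch the same policy to enforced
Update-MgIdentityConditionalAccessPolicy -ConditionalAccessPolicyId $created.Id `
    -BodyParameter @{ state = 'enabled' }
```

A phished password alone no longer satisfies this policy because the second factor is still missing. Where the organization can deploy them, the `authenticationStrength` grant control can replace the generic `mfa` control to require phishing-resistant methods such as FIDO2 security keys, which also withstand attacks that relay the one-time code in real time.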

Security Awareness Training with Microsoft Defender for Office 365

Utilize Microsoft Defender for Office 365 to educate users about phishing threats and empower them to recognize and report suspicious emails. Defender for Office 365 offers security awareness training modules that simulate phishing attacks and provide real-time feedback to help users identify phishing red flags. By fostering a culture of security awareness, you can strengthen your organization’s resilience against phishing attempts.

Best Practices for Phishing Protection in a Microsoft 365 Environment:

In addition to leveraging Microsoft 365’s security features, here are some best practices to enhance phishing protection within your organization:

  • Regular Security Updates: Keep your Microsoft 365 environment up to date with the latest security patches and updates to mitigate vulnerabilities that attackers might exploit in phishing campaigns.
  • Enforce Policies and Procedures: Establish and enforce security policies governing email usage, password management, and data handling to reduce the risk of phishing-related incidents.
  • Monitor and Analyze Threats: Utilize Microsoft 365’s threat detection and reporting capabilities to monitor phishing attempts, analyze trends, and proactively respond to emerging threats.
  • User Education and Awareness: Provide ongoing training to users on identifying phishing attempts and encourage them to report suspicious emails promptly. Education ideas to keep employees alert:
    • Anti-phishing training: how to spot phishing.
    • Phishing simulation: run a controlled, fake phishing campaign against your employees and track how many clicked the links, replied to the mail, reported it, and so on.
    • Conduct phishing simulation campaigns that provide real-world experiences. Do this regularly as a part of your company-wide security protocols.
    • Keep tabs on the latest cybersecurity events, scams, and risks.
    • Tell your employees how, and to whom, to report suspicious emails or phishing attempts.


Phishing attacks pose a significant threat to individuals and organizations, leveraging deception to exploit human vulnerabilities in the digital landscape. By incorporating Microsoft 365’s robust security features and implementing best practices for phishing protection, you can fortify your defenses against these malicious tactics. Remember, proactive measures, user education, and leveraging advanced technologies are essential components of a comprehensive phishing protection strategy in today’s evolving cybersecurity landscape.

Want to learn more about understanding phishing in emails? Read this blog: Understanding Phishing Emails: How to Spot and Avoid Them – Infotechtion

Need help getting started? Contact us to learn more about how to protect your organization from cyber-attacks.

 © 2024 Infotechtion. All rights reserved 

