A blog post the other day (Email Safety Tips in Office 365) details a new Safety Tips feature of O365 which provides an additional layer of protection via a warning to the user in an email that is marked suspicious, or a reassurance when a message is safe.
This feature is unique in that only Office 365 & Exchange Online Protection can integrate with the Outlook client to provide this level of transparency.
Folks evaluating other solutions like mail gateways or 3rd party filtering solutions should understand how these capabilities can help uniquely protect their organization by simply involving the end user in the process of determining the threat at the time the email is viewed by the user.
SOCIAL ENGINEERING THREATS
For example: Automated threat filtering is fine if threats are emailed as part of an attachment. But what if the threat is written, i.e. the ‘threat’ is simple social engineering encouraging a user to send vulnerable data to the attacker – posing as someone in an authority position like IT? These are the things that Safety Tips can help flag to the end user.
For the more technical, the blog below details the under-the-hood changes to EOP that make some of this possible.
- BLOG: How antispoofing protection works in Office 365