BusinessCyber SecurityTechnology

Office 365 AntiThreat Protection(ATP): Putting Up A Battle Against Phishing Threats and Malware Attacks

By May 17, 2019 No Comments
ATP flow

The modern workplace is changing and how! With new malware campaigns launching daily and security breaches dramatically increasing, organizations must take care security measures to protect themselves. Its not just the big corporate names getting affected, small businesses are equally on the target list.

Avanan’s Global Phish Report 2019 reveals 1 of 99 emails is a part of recent phishing attempts 2019 that involves malicious links or attachments. Since most of the cyber attacks begin with a phishing email, putting up a security measure against your emails could be the most important aspect of your anti-phishing campaign.

Office 365 Advanced Threat Protection (ATP), a cloud-based email filtering system comes as an add-on feature with Exchange Online Protection (EOP), the default email scanning service in Office 365.

Before we talk about Office 365 Advanced Threat Protection in detail, let us have a look at how inbound filtering works in Office 365.


Office 365 inbound filtering

Note: Office 365 Advanced Threat Protection is a part of Microsoft Office 365 Business, Office 365 Enterprise E5 and Office 365 Education A5.


Office 365 ATP protects business from any incoming viruses and malware. The system comes with URL tracing and robust reporting capabilities that provides company administrators a rich insight into any impending cyber-attacks against the organization.

Office 365 ATP Dashboard

Additionally, the cloud-based email filtering system comes with Safe Attachments to help prevent any malicious attachments impact the business environment. With Safe Attachments in place, all the email attachments are kept in a detonation chamber before the recipients receive them, preventing zero-day attacks. This feature uses machine learning with detection algorithms to recognize any unknown or unregistered threats and protect the organization from any impersonation attacks.
The Safe Links feature investigates any web links in real time and warns the users when they try to access it. If the user still chooses to proceed after the warning, the business administrator is notified via reporting for tracking purposes. This helps the organization gain rich insights into a number of things: the ones who are targeted within the organisation, the ones clicking the suspicious links putting the organization at risk and if any further awareness training may be required.

Safe Links is natively built into Office 2016 Pro Plus, even on mobile devices.

Another important area of scrutiny is to check if the sender really is who they appear to be. This is done by checking the authenticity of the email source. Office 365 AP comes with Spoof Intelligence feature that helps ensure legitimate emails are sent, thus shielding your business from any email-phishing attacks. In Office 365 Admin Portal, spoof filters can be set up in Security & Compliance Centre that will further help you in determining the difference between legitimate and malicious activity. In case of external domains within or outside of Office 365 environment, the spoof intelligence feature checks to find out if domain has been set up according to standards. If it doesn’t, it observes the domain’s message sending patterns to be able to identify if a message has been spoofed.

Office 365 Advanced Threat Protection typically started off as email scanning tool, but it expanded to work with Share Point, One Drive for Business and Microsoft Teams.
Office 365 ATP


The question still remains. Is your organization looking for real-time protection from unrecognized attacks and unsafe attachments? Does it need a visibility into the kind of attacks it might be facing? Is it looking to find out a way to handle phishing emails before it becomes a problem?

Office 365 Advanced Threat Protection can address all these issues offering zero protection to malware and phishing attacks. Need a little assistance to get started? SiRON Technologies can help you get started with advanced security options here.

Leave a Reply