Microsoft Advanced Threat Protection and Azure AD identifes most threats but it would take you all day to go through the notifications!
Users are still click-happy and sophisticated attackers know it. They take advantage by targeting specific high value users such as executives and accountants who have access to payment systems and wire transfer accounts. Once these accounts are compromised, they’re used to send legitimate looking requests for payment or wire transfers that end up depositing the money into the attacker’s accounts. The Internet Crime Complaint Center (IC3) states that between October 2013 and December 2016, a staggering US $5.3 billion was stolen through Business email Compromise, dwarfing the $1billion lost due to ransomware in 2016.
While Microsoft’s Advanced Threat Protection and Azure AD can protect user email and identities from most threats, specific configurations are necessary to target hacks against the high value accounts of the organization. While Advanced Security Management provides a plethora of alerts, administrators need a finite list of actionable items to react to credible threats, rather than a bunch of false positives.
Enabling Technologies combines Microsoft tools’ and our knowledge of forensics to analyze threats (existing or potential), create rules, and automate responses to targeted phishing attacks. Administrators are provided with a short list of actionable next steps and users are left with a clean inbox and fewer doubts in their workday. The solution is called phish hunter, and we’re at your service to enable it in your tenant so that you can minimize business email compromise going forward.