ThirdSpace ThirdSpace
ThirdSpace Contact Us
Close 0 Reset Search Run Search What are you looking for? Type at least three characters to search. Filter Search Results
  • All Content
  • Blog
  • Page
  • Case Studies
  • Event
  • Resources
  • News
  • Careers
  • Access Centre
  • Technologies
  • Workshops
  • Service
  • Solutions
  • People
Load more
25 July 2018

Why Defender for Office 365 anti-phishing protection is critical to our internal security

Profile photo of Mat Richards - Security and Mobility.
Written by Mathew Richards

There are plenty of scary statistics out there to keep you awake at night.

A recent CSO article on the rise of mobile phishing attacks opened with the line: “91% of all cyberattacks start with a phishing email.”

With the same study showing phishing attempts on the rise and the average cost to mid-sized companies at a cool $1.6 million, we don’t have an option: it must be a key focus area in ThirdSpace’s cyber security strategy and our defence against malicious attackers.

Fortunately, we have anti-phishing protection through Microsoft Defender for Office 365. Part of the all up Microsoft Defender holistic threat protection toolkit.

How Defender for Office 365 anti-phishing makes our jobs (a little) easier

Microsoft Defender anti-phishing protection provides 3 key benefits:

1. We can prevent impersonation of our directors and other key staff

With Office 365 Defender anti-phishing, you can prevent up to 20 members of your organisation from being digitally imitated.

It’s a common spear phishing technique to impersonate a CEO or high-level board member with the goal of gaining information or money from someone who reports to them.

Defender’s anti-phishing tools pay special attention to these individuals and will intercept any email that looks like it could have been sent by them, but really hasn’t.

This is achieved through machine learning models together with highly intelligent impersonation detection algorithms.

Defender for Office 365 Demo

Defender for Office 365 Demo

See Defender for Office 365 in action. Covering key features and functions, we'll show you:

  • Custom policy creation and reporting dashboards
  • Cutting-edge investigation and response capabilities
  • How to improve protection, trial, and migrate to Defender
Watch now

2. We can stop our domain name from being spoofed

It’s not just individuals you can prevent from being impersonated – but domains as well!

Another common method of tricking users to provide their credentials or carry out an action is to send an email from a domain name that looks like your own.

At a glance, and look the same.

Microsoft Defender anti-phishing will detect this and can be configured to warn the user, move the mail to their junk folder, or even block it completely before it’s delivered.

It already knows the domains you have configured in Office 365 and protects these by default, but it can be configured to protect other domains – as well as ignore those that are similar but legitimate.

In fact, whether it’s a user or domain impersonation attempt, you’ll have complete control over what happens next – from quarantining the message to providing the user with anti-phishing safety tips.

3. And best of all: Mailbox Intelligence

This feature is particularly advanced.

It looks at each user who has an Office 365 mailbox and learns their individual sender map. This is basically a table of who you communicate with on a frequent basis. It helps to build up a picture of legitimate relationships – for example, sister companies, customers and suppliers.

If any of these contacts are spoofed, Defender for Office 365 anti-phishing will inform you that you aren’t speaking to the person you think you are.


To enable Microsoft Defender for Office 365 anti-phishing protection, you will need an Office 365 Enterprise E5 license – although you can add-on as part of a different subscription.

The true value is when you combine anti-phishing protection with the rest of the of the Microsoft Defender holistic security suite and correctly configured Exchange Online Protection policies too. Once that’s in place, you’ll have gone a long way to protecting your organisation from a potentially expensive attack.

Next, take our two minute security operations capability assessment. Detect your biggest security priorities in minutes – and pick up your free assessment report! 

Or watch our Zero Trust webinar for top tips on enabling a holistic approach to cyber protection.

Subscribe to the ThirdSpace mailing list and get your free buyer’s guide to Microsoft Enterprise Security

Subscribe to the ThirdSpace mailing list and get your free buyer’s guide to Microsoft Enterprise Security

Submit your business email to join our mailing list and we'll send you 'A buyer’s guide to Microsoft Enterprise Security'.

Profile photo of Mat Richards - Security and Mobility.

About Mathew Richards

Head of Mobility & Security

As head of our Mobility & Security practice, Mat’s responsibilities include ensuring that our technical knowledge and delivery capability are fully up to speed and current, as well as creating a...


You may also like...


Remote working fuels 2022 Cyber Essentials changes – Are you ready to meet the new security standard?


A quick guide to Microsoft 365 E5 Security and Compliance add-ons


Microsoft 365 licensing: E3 vs. E5 – Which is right for you?

Recent Blog Articles

View All
Related topics

Webinar: Defender for Office 365 Demo

See how Microsoft’s email security tool protects against phishing and malware.

Watch now

Need some help?

Send us your questions or feedback.

Friendly folks are standing by!

Contact Us
Award-winning solutions Award-winning solutions

Eight-time winner of the Microsoft Partner of the Year Award for Identity Management, Enterprise Mobility, and Security and Compliance.

ThirdSpace Please upgrade your browser

You are seeing this because you are using a browser that is not supported. The ThirdSpace website is built using modern technology and standards. We recommend upgrading your browser with one of the following to properly view our website:

Windows Mac

Please note that this is not an exhaustive list of browsers. We also do not intend to recommend a particular manufacturer's browser over another's; only to suggest upgrading to a browser version that is compliant with current standards to give you the best and most secure browsing experience.