Nearly 10% of e-mail delivered to Office 365 mailboxes are spam or contain phishing exploits
Microsoft should be the expert on malware protection according to popular wisdom but that’s turning out not to be the case. Their Office 365 product is surprisingly vulnerable to spam and malware. Kelly Sheridan of Dark Reading News reported recently on a study that showed that nearly 10% of emails delivered to Office 365 inboxes were spam, phishing messages or previously identified malware. Now admittedly, since 90% of all e-mail sent is spam, that sounds pretty good but if you dig a little deeper into the stats you’ll find that there’s still a high percentage of dangerous e-mails leaking through the Office 365 filters to users mailboxes.
Researchers analyzed 10.7 million messages during the month of September 201. Nearly one million of those messages were spam or malicious emails that were missed by Office 365.
Disregarding the simple spam messages, 34,077 emails were phishing messages. Just over 18,000 were financial phishing emails requesting banking information. About 5,400 were password phishing emails, and 10,601 were various other phishing attempts.
Malware attachments found on 3,900 Office 365 emails delivered to users.
An expert involved in the review said “Microsoft’s solution is particularly reliant on reputation-based filtering, meaning the extent of their knowledge is only as good as their database. Today, with the rise of distributed attacks involving malware, phishing, spam, and botnets, many machines involved are fresh IPs. There’s a good chance they won’t exist inside an IP reputation database.”
