Spam, phishing, and malware are still a big issue for cloud e-mail users

Beta-test program results confirm that e-mail administrators should think twice before relying on basic built-in protection.

With corporations increasingly moving e-mail to the cloud, one would expect a sizeable drop in unwanted or malicious e-mails ending up in users’ mailboxes. At least, that’s what the big headlines promise — security centralisation and big data fed to powerful algorithms should eliminate mass mail, look-alike spam, and generic malware across all serviced mailboxes. The more mailboxes providing data for analysis, the better. And it does work — somewhat. As an example, Office 365 e-mail users are indeed secured against some 90% of incoming threats and garbage. But what about the remaining 10%?

According to Dark Reading (referencing Cyren research analysing 10.7 million messages over one month in late 2017), Office 365’s built-in protection missed 9.3% of e-mails containing spam, phishing, or malware. Virus Bulletin paints a prettier but still concerning picture, with statistics for false positives looking especially troubling (Office 365 erroneously flagged 3.9% of test e-mails).

We at Kaspersky Lab find these statistics troubling — and with our core expertise being protecting users from all kinds of bad ‘cyber-stuff’, we decided to act. On February 1, 2018, we launched Kaspersky Security for Office 365. An extended global beta-testing program preceded the launch. The results of the program confirm that e-mail administrators should think twice before relying on Office 365’s basic built-in protection.

During the beta test, we analysed more than 3 million messages and detected about 800 malware samples, 60,000 spam e-mails, 110,000 mass e-mails, and 20,000 phishing e-mails. An organisation in the United States with roughly 300 employees receives an average of 40,000 e-mails per day, so the numbers above represent 2.5 months of average use. Or, in terms of daily trouble, you’re looking at one or two malware incidents per day, 800 spam e-mails, almost 1,500 mass e-mails, and more than 250 phishing e-mails. And all of that is after incoming mail is checked and cleared by the built-in Office 365 protection. Add to that bother the 3.9% of legitimate e-mails being deleted as malicious (see the Virus Bulletin report referenced above), and you should be thinking, “Something must be done.”

Kaspersky Security for Microsoft Office 365 uses advanced heuristics, sandboxing, machine learning, and other next-generation technologies to protect e-mail from spam, phishing — including spear phishing/business e-mail compromise (BEC) attacks — malicious attachments, and unknown threats. Like Microsoft Office 365, our Office 365 protection is hosted in the cloud. And like all Kaspersky Lab solutions, it’s built on the world’s most tested, most awarded security.

The solution is easy to manage from a single, intuitive console. There’s no package to install and no need for training or new hardware, leaving you free to make the most of the cloud’s resource efficiencies.

You can try Kaspersky Security for Office 365 for 30 days completely free of charge. Simply create an account at Kaspersky Business Hub and get up and running in a matter of minutes!

Tips