Hackers Have It Out for Microsoft Email Defenses

Cybercriminals are focusing more and more on crafting special email attacks that evade Microsoft Defender and Office security.

Increasingly, cyberattackers are laser-focused on crafting attacks that are specialized to bypass Microsofts default security, researchers say — which is going to require a shift in defense posture for organizations going forward.
Many hackers think of email and Microsoft 365 as their initial points of compromise, [so they] will test and verify that they are able to bypass Microsoft’s default security, according to a new report from Avanan that flags an uptick in its customer telemetry of malicious emails landing in Microsoft-protected email boxes. This does not mean that Microsofts security got worse. It means that the hackers got better, faster, and learned more methods to obfuscate and bypass the default security.
Some of the eye-catching numbers in
the report
, gleaned from analyzing 3 million corporate emails in the past year, include:
About 19% of phishing emails observed by Avanan bypassed Microsoft Exchange Online Protection (EOP) and Defender.
Since 2020, Defenders missed phishing rates among Avanans customers have increased by 74%.
On average, Defender sends only 7% of phishing messages received by Avanan customers to the Junk folder.
In good news: Microsoft flagged and blocked 93% of business email compromise attempts.
Microsoft catches 90% of emails booby-trapped with malware-laden attachments.
Again, the numbers speak to the evolution of phishing and the fact that attackers are increasingly using tactics like
leveraging legitimate services
to avoid including obviously malicious links in emails, using masking techniques like
vanity URLs
, and avoiding attachments altogether.
To defend themselves against these custom-built attacks, organizations can go to basic defense-in-depth approaches with four main prongs, according to Roger Grimes, data-driven defense evangelist at KnowBe4.
Those prongs include: A better focus on preventing social engineering, using a best defense-in-depth combination of policies, technical defenses, and education; patch software and firmware, especially any that are listed on CISAs Known Exploited Vulnerability Catalog; use phishing-resistant multifactor authentication (MFA); and using different, secure, passwords for every site and service where MFA cannot be used.
There are no other defenses, besides these four, that would have the most impact on decreasing cybersecurity risk, Grimes says. It is the worlds lack of focus on these four defenses that has made hackers and malware so successful for so long.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Hackers Have It Out for Microsoft Email Defenses