MailGuard Feb 26, 2024 10:59:30 AM 7 MIN READ

IF YOU’RE ONLY USING MICROSOFT 365 FOR EMAIL SECURITY, YOU’VE GOT A TARGET ON YOUR BACK. HERE ARE 5 REASONS WHY.

With more than 345 million users globally, Microsoft 365 is one of the most heavily utilised platforms on the planet. It’s ubiquitous in the business world, from the core Office 365 applications for everything from spreadsheets to word processing and presentations, through to more recent collaboration and productivity tools like Microsoft Outlook and Teams, plus much, much more. It operates across almost every device, from PCs and Macs to tablets and smartphones. In fact, it would be hard to find one of your customers that doesn’t use the platform in some way, shape or form, almost every day, and most likely as heavy, power users.

And it’s that unrivalled success that makes Microsoft such a popular target with cybercriminals. Here are 5 reasons why your customers may have a target on their back, if they're using Microsoft 365 alone to secure their inboxes.

1. Global Footprint

With a global presence, the Microsoft brand is known and loved in every country throughout the world. Office 365 supports 102 languages, so for a cybercriminal the first challenge of being familiar to the user when you land in their inbox is already solved.

The Microsoft brand was ranked number 2 in Interbrand’s Top 20 Brands of 2023, with the brand alone valued at almost US$317M. That’s up 14% YoY, and more than US$250M greater than its value only ten years earlier.

Scammers rely upon that veil of familiarity, hoping that users won’t think too long before clicking through on a link, or before entering their credentials into a web form. By brandjacking Microsoft, it’s easy to see how tens of millions of users could be easily duped into inadvertently entering their credentials.

2. A Trove of Compromised Credentials Already in the Wild

Even worse, many Microsoft 365 users have already been compromised in historical data breaches, so their credentials are readily available for sale to the highest bidder on the dark web. It’s an easy entry point for access to a network.

Plus, beyond the commercial users, there are more than one billion users of Microsoft services globally when you include consumer and free apps, expanding the attack surface for bad actors that are trawling for information to craft their attack, or to socially engineer an approach.

Microsoft 365 or other Microsoft services also provide a great foothold for launching a business email compromise (BEC) attack if, for example, the attackers have a certain target in mind. If bad actors can access the account of a colleague, friend, or business associate (an employee, a connection in a social media network, or someone who works for a company in the target’s supply chain), they can assume that person’s identity to design a very convincing campaign in an effort to secure an unauthorised entry point into an organisation.

3. An Enormous Audience

Representing over 345 million vulnerable users, all with varying levels of education, technical literacy, and access privileges, each individual Microsoft 365 user is a potential gateway into a business, large or small, or into another business that’s connected in their supply chain.

The Microsoft 365 ecosystem in aggregate is an obvious choice for a scam.

4. A Complex Array of Services

If scammers do manage to compromise a user, they have the added advantage of gaining access to an array of services and applications.

Microsoft’s cloud-powered, productivity platform, Microsoft 365 includes iconic apps ranging from Microsoft Teams, Word, Excel and PowerPoint, to Outlook, OneDrive, and so much more.

It’s technology that’s been around for decades, with adaptations across myriad devices and platforms too, from the cloud to desktop, and beyond. That complexity of applications and platforms can make it a minefield for cyber defenders, who are striving to ensure that the software is always up to date and fully patched.

The platform is a sitting duck for bad actors, who can survey, test and re-test their techniques and methods of attack. In fact, many have already fine-tuned their methods on other Microsoft 365 victims, or they simply in-source the expertise by purchasing the know-how from phishing-as-a-service (PaaS) and ransomware-as-a-service (RaaS) providers.

5. A Single Layer of Protection

It doesn’t matter which vendor it is; experts agree that no one solution can stop all attacks. That’s why they recommend a defense-in-depth, or multi-layered, approach to security. Gartner refers to it as a cybersecurity mesh.

If your customers’ org is relying solely on Microsoft 365, even with EOP or Defender, then they are only protected by a single layer of threat protection IP. With nine out of ten cyberattacks beginning with a simple email, there is no vector that’s more critical to defending an organisation.

As a partner and trusted advisor to your business customers, and even within your own organisation, you will know that a large number of threats bypass Microsoft 365, making it into employee inboxes.

Microsoft Chairman & CEO, Satya Nadella, is among those experts calling for a defense-in-depth approach, in a keynote referring to MailGuard as “the type of innovation that we want to see.”

Keeping Businesses Safe and Secure

Prevention is always better than a cure, and one of the best defences is to encourage businesses to proactively boost their company’s cyber resilience levels to avoid threats landing in inboxes in the first place. The fact that a staggering 94% of malware attacks are delivered by email makes email an extremely important vector for businesses to fortify.

No one vendor can stop all email threats, so it’s crucial to remind customers that if they are using Microsoft 365, they should also have a third-party email security specialist in place to mitigate their risk, for example a third-party cloud email solution like MailGuard.

MailGuard provides a range of solutions to keep businesses safe, from email filtering to email continuity and archiving solutions. Speak to your customers today to ensure they’re prepared, and get in touch with our team to discuss strengthening your customers’ Microsoft 365 security.

Talk to us

MailGuard's partner blog is a forum to share information; we want it to be a dialogue. Reach out to us and tell us what your customers need so we can serve you better. You can connect with us on social media or call us and speak to one of our consultants.  

 

Australian partners, please call us on 1300 30 65 10  

US partners call 1888 848 2822  

UK partners call 0 800 404 8993  
