phishing concept using fishing lures

Remember that prince from Nigeria that was emailing everyone a few years back, with millions to share, he just needed your banking information.  Phishing emails today are sophisticated, evasive, capable of rewriting their tracks, and can sweep the globe before antivirus algorithms begin to detect them.

You already know antivirus alone is not enough, because we’ve posted often about a layered approach to your IT security posture. Today we will talk about phishing and Advanced Threat Protection which works with antivirus and user awareness to limit phishing threats.

Advanced Threat Protection is a component of Microsoft 365 Business (previously known as Office 365, they just changed their name). The Microsoft 365 Business security platform is built on something called the Intelligent Security Graph.

Basically, when a new cyber threat is detected in any country, this network is updated automatically and these millions of updates make the foundation for Microsoft 365 Business security tools that include Advanced Threat Protection (ATP). Some things that ATP can do include:

  • Safe links
  • Safe attachments
  • Anti-phishing intelligence

Safe Links

Remember earlier in the email when we said today’s phishing can re-write itself to cover it’s tracks? So one way phishing today evades antivirus software is by sending a safe link that gets past antivirus checks, and then once it passes, it re-writes itself. Sneaky, right? Safe links in ATP re-checks links when you click on them and alerts you if you are about to visit a known dangerous site.

Safe Attachments

Safe attachments works similarly to safe links. Basically, your attachment is opened in a virtual, AI environment and is observed for any suspicious behavior – for example, malicious code executing. If the attachment is dangerous, it will never arrive in your inbox. This helps reduce threats.

Anti-phishing AI

You know how on your cellphone, you can tap on auto replies generated for you, that learn your language patterns? This tool works like that. This tool learns how your team communicates, and who usually emails who, so that if suddenly the boss is emailing the receptionist for employee social insurance numbers, it gets flagged as a breached account being controlled by a hacker.

Layer Up For Security

Each of these layers of defense help keep your business safe.

Other layers that should be included are 2 Factor Authentication, which will soon be mandatory on all Microsoft accounts, actively filtered antivirus software (not free or cheap AV products), and some company wide polices that restrict sensitive information in the first place.

For example, here at TUCU, any credit card information or social insurance information that we might try to email out will be stripped and blocked, and our admin account will be notified of the attempt to send out sensitive information. Having this in place for your team reduces your risk of breach or liability.

People forget. People make mistakes. People might send sensitive email in an email that can be intercepted. In fact, humans are the weakest link in any company's security posture. Put the right tools in place to help catch these issues when your team slips up.


These tools are part of the security basics we setup for every single one of our Managed Services customers. Of course, they are just the beginning.  Comprehensive IT security and ongoing IT management for small business today involves more than mere basics - and we will take care of all of it for you. We are just a call away and here to help you with all your IT needs in Toronto. Get in touch today!