• Skip to main content
  • Skip to header right navigation
  • Skip to site footer
  • X
  • Facebook
  • YouTube
  • LinkedIn
Support
Screen Connect
Pay Online
SWK logo.

SWK Technologies

Software Solutions & Services

  • Accounting & ERP Software
      • Acumatica Cloud ERP
        • Overview
        • Construction
        • Distribution
        • Field Service
        • Financial Management
        • Manufacturing
        • Professional Services
        • Project Accounting
        • Retail-Commerce
      • Sage Intacct
        • Overview
        • Construction and Real Estate (CRE)
        • Distribution Operations for Sage Intacct
        • Financial Services
        • Healthcare
        • Manufacturing Operations for Sage Intacct
        • Nonprofits
        • Professional Services
        • Sage Intacct Payroll powered by ADP
      • Sage 100
        • Overview
        • Business Intelligence
        • Core Accounting & Financials
        • Distribution
        • Manufacturing
        • Payroll
        • Sage 100 Contractor
      • More Accounting Products
        • QuickBooks
        • Sage 50
        • Sage 300
        • Sage 500
        • Sage BusinessWorks
      • ERP Add-ons
        • ADP Workforce Now
        • Altec
        • Avalara
        • AvidXchange
        • BigCommerce
        • CIMCloud
        • Cloud Hosting
        • DataSelf
        • Fortis
        • FreightPOP
        • Microsoft 365
        • Netstock
        • Ottimate
        • Sage Fixed Assets
        • Sage HRMS
        • Sage Intacct Payroll powered by ADP
        • Savant WMS
        • Scanco
        • ScanForce
        • Solver
        • SPS Commerce
        • Velixo
        • Workforce Go!
      • More ERP Add-ons
        • Bizinsight
        • Concur
        • Crystal Reports
        • Fraxion
        • Fusion RMS
        • FYISoft
        • JobOps
        • KnowledgeSync
        • Lockstep Collect
        • Nectari
        • Pacejet
        • Planning Maestro
        • Sage CRM
        • Sage Intelligence
        • Scissortail HCM
        • Service Pro
        • ShipStation
        • Shopify
        • Starship
        • Sugar CRM
        • Time & Billing Pro
        • Timekeeper
        • True Sky
      • Industries
        • Construction
        • Distribution
        • Financial Services
        • Healthcare
        • Manufacturing
        • Nonprofit
        • Professional Services
        • Retail
  • Managed Cloud Services
      • Managed Services
        • IT Support
        • Cloud Hosting
        • Infrastructure-as-a-Service
        • Managed Cloud Services
        • vCIO
        • Acumatica Infrastructure
      • IT Solutions
        • Backup & Continuity
        • Cybersecurity
        • Email Hosting
        • Microsoft 365 Services
        • Virtualization
  • Consulting & Implementation
    • Business Technology Consulting
    • eCommerce
    • Financing
    • Human Capital Management
    • Managed Cloud & IT Services
    • Partner Program
    • Software Development
    • Software Implementation
  • Resources
    • Help Desk
    • Blog Posts
    • Payments Portal
    • Webinars
    • YouTube Channels
    • Acumatica Resources
    • Sage Intacct Resources
    • Sage 100 Resources
    • IT Resource Pages
  • About
    • About SWK
    • Awards & Recognition
    • Life@SWK
    • Careers
    • Success Stories
    • SWK Gives
  • Contact
    • Contact Us
    • Support
    • Our Locations

25 Percent of Phishing Emails Get Past Office 365 Security

September 7, 2020 by Hector

Home » Blog » 25 Percent of Phishing Emails Get Past Office 365 Security

phishing-emails-office-365-security

A recent analysis of over 55 million emails sent through the Office 365 cloud platform found that out of those messages with confirmed phishing attempts, 25 percent were marked as clean by the Exchange Online Protection (EOP) service. Of the almost 550,000 phishing emails recorded going to Office accounts, only 20 percent were labeled as malicious and just under half were sent to spam folders.

Phishing Email Categories

Just over half of the phishing messages contained malware, while most of the rest were credential harvesting attempts along with a few extortion and spearphishing attempts. Malware phishing emails (which deliver the infamous “trojan viruses”) use the message as both the vector and a form of concealment as security systems do not register the email itself as malicious.

Credential harvesting attacks provoke the victim into providing access to non-public personal information (NPI), and most often imitate trusted brands. According to the report, one out of every 25 branded emails is in fact a spoofed phishing message. The most common disguise is Microsoft itself, with Amazon following close behind – except in holiday seasons, where it becomes the dominant brand used for phishing attempts.

Office 365 – A Major Phishing Target

Office 365 remains one of the most popular enterprise applications and consequently was one of the most phished brands in 2018. The 365 platform presents an expanded target of opportunity for credential harvesting due to the networked storage and connected apps, as well as the Azure cloud. Though EOP is designed to deliver native cloud-hosted mailbox protection, sophisticated cybercriminals have been able to bypass this safeguard by exploiting a serious gap inherent in the system.

Obfuscation

A technique termed “obfuscation” allows scammers employing malware to trick Office 365’s security layers by camouflaging URLs and html code using methods EOP does not pick up on. Placing zero-width spaces within links and other loopholes confuse the email parsing system, which is not equipped to detect the altered characters and layout styles, or attached documents. This strategy can even fool human users if they are not prudent or are unfamiliar with the signs of a phishing attempt.

Do Not Rely on Your Email Provider Alone Against Phishing

Phishing is not going away any time soon and cybercriminals will continue to look for new ways to fool both systems and people into ignoring the obvious signs of a spoofed email. Basic security applications in popular email platforms will not be enough to combat the sophisticated methods employed by phishing attacks – only human diligence provides the best, most sustainable phishing defense.

Sign up for SWK’s Phishing Defender solution to receive the latest in educational and training resources to prepare yourself for the next spoofed email.

Category: Blog, Cloud Hosting, Cybersecurity, IT Services, Microsoft

Sidebar

Recent Posts

  • How MSPs Solve Healthcare’s Critical Technology Challenges with IT Support
  • Sage Intacct 2025 R2 – A Complete Update Guide
  • Sage 100 Favorites – How to Guide
  • Sage Copilot: Enhance Accounting and Financial Management with AI
  • SWK Technologies Named to CRN Solution Provider 500 List for 2025
  • May 2025 Cybersecurity News Recap
  • How Your ERP Software Impacts Tariff Costs

Categories

Ready to take the next step?

Contact SWK today to get in touch with one of our experts. We’ll go over your business challenges and unique needs, and see where you can unlock new value from your technology and make your operations run easier.

Get in touch!

Our Latest Posts

IT support for healthcare

How MSPs Solve Healthcare’s Critical Technology Challenges with IT Support

Read moreHow MSPs Solve Healthcare’s Critical Technology Challenges with IT Support
Sage Intacct Fixed Assets Management interface updated with 2025 R2 and displaying asset details including cost, depreciation schedules, and transfer history on a laptop screen being held up by a pair of hands from the right of the screen.

Sage Intacct 2025 R2 – A Complete Update Guide

Read moreSage Intacct 2025 R2 – A Complete Update Guide
Computer monitor displaying Sage 100 ERP software interface with the Favorites navigation panel open on the left side, showing various folders and menu items, positioned on a clean white desk with minimal accessories.

Sage 100 Favorites – How to Guide

Read moreSage 100 Favorites – How to Guide

Awards and Accreditations

Top work places in NJ 2020.
Acumatica the Cloud ERP gold certified partner.
The Gold Microsoft partner logo on a black background.
Sage business partner diamond logo.
Dell Technologies Gold Partner
Sage tech partner logo.

Stay in the know!

Subscribe for exclusive ERP, process automation, IT and cybersecurity news.

Twitter
  • Facebook
  • YouTube
  • LinkedIn

Home
About
Contact

Support
Screen Connect
Pay Online
Downloads

SWK logo.

Headquarters:
120 Eagle Rock Ave, Suite 330
East Hanover, NJ 07936

Contact:
info@swktech.com
(877) 979-5462

Copyright © 2025 · SWK Technologies, Inc. · All Rights Reserved · Terms of Use · Privacy Policy

This site uses cookies to collect information about your browsing activities in order to provide you with more relevant content and promotional materials, and help us understand your interests and enhance the site. By continuing to browse this site you agree to the use of cookies. Visit our privacy policy to learn more.I understand