Phishing – Azured
=
Book a call with us
Why cybersecurity is our only hope for the digital age.?

Eyes often glaze over at the very mention of cybercrime. Seriously, try it next time you’re having a round of crazy golf. But it’s really important. And when the world’s most common password is 123456, it’s easy to see that information and knowledge sharing key to survival in this fast-paced digital world.

When we talk about exposure to cyberattacks, there are three primary types of attack to consider:

Identity based attacks

Phishing and spear-phishing

Phishing is where an attacker takes on the role of a trusted identity and tricks employees into opening emails, texts or instant messages. With spear-phishing, as the name suggests, things are a bit more serious. An attacker will use unique information, specific to the user, to construct a more plausible phishing attack. These are notably harder to spot.

Secure your business against phishing attacks:

• Protect against spam malware and other email threats with Exchange Online Protection.
• Co-ordinate detection, prevention, investigation and response across endpoints, identities and email with Microsoft 365 Defender.
• Protect against phishing or malware websites and applications with Microsoft Defender SmartScreen.

Password spray

In a scenario like this, attackers will try a large list of possible passwords for a given account (or set of accounts). It’s doubtful that anyone reading this will find themselves in this camp but research by CyberNews, which looked at 15.2 billion passwords, has revealed the five most common passwords of 2021…and the results are staggering:

  1. 123456
  2. 123456789
  3. qwerty
  4. password
  5. 12345

Solutions to help secure your business against password attacks:

• Discover leaked credentials and detect password spray attacks with Azure AD Identity Protection.
• Enforce minimum requirement, dynamically ban common passwords and force resets for leaked passwords with Azure AD Password Protection.
• Look out for malicious actors that gain access by guessing your password or using brute-force method using Azure AD Smart Lockout.

Device based attacks

Device-based attacks occur when malware is installed on your device in the form of viruses, spyware, ransomware or other unwanted software that’s installed without your knowledge or consent. Of course, if a device is lost or stolen, a whole new set of challenges arise. If you’re only responsible for one or two devices, nothing seems that tricky. But with an estate running in to the hundreds (or more), the impact of device-based attacks is huge.

Cloud solutions to protect your business against device based attacks:

• Prevent, detect, investigate and respond to advanced threats with Microsoft 365 Defender for Endpoint, with full visibility, protection, and detection across a wide variety of platforms, including macOS, Android, and iOS.
• Define trusted websites, cloud resources and internal networks with Microsoft Defender Application Guard, helping to protect devices from advanced attacks by opening untrusted websites in an isolated Microsoft Edge browsing window.
• If a device is lost or stolen, Microsoft InTune mobile device management (MDM) enforces password and/or pin requirements – and wipes the device completely after a specific number of failed attempts.

Network based attacks

Network based attacks are carried out using vulnerabilities within the network or application and include:

Secure your business against network based attacks:

If you’d like to understand what you can do to help protect your business from cybercriminals, book a quick discovery call with us.

Interested but not quite ready to talk? Sign up for updates using our super-simple form.