Microsoft launches Office 365 phishing campaign tracker

The firm hopes customers will be able to more closely monitor and contextualise email threats


Microsoft has devised a phishing campaign dashboard for its Office 365 Advanced Threat Protection (ATP) module to give customers a broader overview of phishing threats beyond just individual attacks.

The newly-announced ‘campaign views’ tool provides additional context and visibility around phishing campaigns. This aims to give businesses under constant threat from phishing attempts a fuller story of how attackers came to target an organisation, and how well attempts were resisted. 

Security teams with access to the dashboard can see summary details about a broader campaign, including when it started, any activity patterns and a timeline, as well as how far-reaching the campaign was and how many victims it claimed. 

The ‘Campaign views’ tool also provides a list of IP addresses and senders used to orchestrate the attack, as well as the URLs manifested in the attack. Moreover, security staff will be able to assess which messages were blocked, delivered to junk or quarantine, or allowed into an inbox.

Advertisement - Article continues below
Advertisement - Article continues below

“It’s no secret that most cyberattacks are initiated over an email. But it’s not just one email - it’s typically a swarm of email designed to maximize the impact of the attack,” said Microsoft group program manager with Office 365 security Girish Chander. 

“The common pattern or template across these waves of email defines their attack ‘campaign’, and attackers are getting better and better at morphing attacks quickly to evade detection and prevention. 

“Being able to spot the forest for the trees - or in this case the entire email campaign over individual messages - is critical to ensuring comprehensive protection for the organization and users as it allows security teams to spot weaknesses in defenses quicker, identify vulnerable users and take remediation steps faster, and harvest attacker intelligence to track and thwart future attacks.”

Office 365’s ATP tool is an email filtration system that safeguards an organisation against malicious threats posed by email messages, links and any collaboration tools. 

Related Resource

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

With the additional information at hand, Microsoft is hoping that security teams within organisations can more effectively help compromised users, and improve the overall security setup by eliminating any configuration flaws. 

Related campaigns to those targeting the organisation can also be investigated, and the teams can help hunt down threats that use the same indicators of compromise.

Advertisement - Article continues below

The ‘campaign views’ dashboards are available to customers with a suite of Office 365 plans including ATP Plan 2, Office 365 E5, Microsoft 365 E5 Security, and Microsoft 365 E5.

These new features have started rollout out into public preview, with Microsoft suggesting the features are expected to be available more generally over the next few days and weeks.

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now

Most Popular

operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
General Data Protection Regulation (GDPR)

Data protection fines hit £100m during first 18 months of GDPR

20 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020