In April, Microsoft beefed up the security of Office 365 for enterprise users with the addition of a new feature designed to detect phishing emails with help from machine learning technology. The enhancements seem to have paid off as the software giant announced today that it has exhibited the lowest phish miss rate from May 1 to September 16 of this year in Office 365.
The latest feat, as shown in the figure above, marks a significant progress in how Microsoft worked to help counter phishing attacks from November 2017 to January 2018. During that period, Office 365 saw a poor miss rate of phish emails compared to third-party services.
In regard to the substantial decrease in phish miss rate, Debraj Ghosh, Senior Product Marketing Manager at Microsoft, wrote in a blog post:
"[It] is the culmination of the incredible focus, drive, and expertise of Microsoft researchers and engineers working together to push the boundaries of threat research, machine learning, and development of algorithms that together provide customers the most impressive and effective protection against phish emails available for Office 365 today."
The Redmond-based company's 3,500 resident security professionals, aided by its $1 billion annual investment in cybersecurity, worked to combat phishing attacks by zeroing in on four categories of phish emails including domain spoof, compromised accounts, content detonation, and impersonation. Microsoft's engineers also designed a number of anti-phish capabilities such as spoof intelligence, advanced machine learning models, and internal safe links, among other enhancements as shown below.
This year, the new anti-phish capabilities blocked 5 billion phish emails in Office 365, protected 7 billion URL clicks through Safe Links, and detonated 11 billion items through ATP sandboxing.