Best o365 anti-phishing solutions? (other than MFA)

With unacceptable frequency, our users of Office 365 E3 keep getting hijacked.

The last victim had a password which was 11 characters in length so I presume it wasn't brute-forced.  Therefore, I'm assuming he fell victim to a phishing attack and accidentally disclosed his office 365 email address and password.  Any other scenario I'm not considering for how this could have happened?

It seems that Microsoft is slow in detecting the sudden burst of outbound malicious email from.  Generally, the compromised account sends emails to everyone in our company and who knows how many outside contacts.

1.  Aside from multi-function authentication, what can we do to prevent this?
2. By chance, is there any kind of solution which can detect a sudden burst of mail from a far-away IP address (e.g. China vs. USA)?
3. What's the best/most common anti-phishing solution?  Do these solutions only protect local Outlook or webmail as well?

Any other thoughts or suggestions would be very much appreciated.
Thanks,
Mike
mike2401Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

N8iveITCommented:
Most phishing issues are due to user awareness issues and can be assisted by user training (see options at https://www.csoonline.com/article/3066532/phishing/10-companies-that-can-help-you-fight-phishing.html ). which also references Phishing attacks resources at infosecinstitute.com (see http://resources.infosecinstitute.com/category/enterprise/phishing/phishing-countermeasures/top-16-anti-phishing-resources/#gref ).

TechRepublic covers Office365's options at https://www.techrepublic.com/article/how-to-prevent-phishing-attacks-in-microsoft-outlook-and-office-365-3-methods/ .

Personally, I would look into something like Barracuda and see if they have a good option for Office 365 Phishing and Antispam (see https://www.barracuda.com/glossary/phishing ). They have a Sentinel product which works with Office 365 but I have no direct experience with it. Maybe someone else does ...
0
mike2401Author Commented:
Thanks for the links, I will check them out.

We do use Barracuda and I'm sad that it doesn't seem to detect what seems like pretty obvious and malicious emails.

-Mike
0
N8iveITCommented:
That seems odd ... I figured they would be on top of things like this. I would consider a different O365, cloud-based security vendor and use your experience with Barracuda to let you use theirs free for 30 - 90 days (whatever you can get out of them) and see if they will do it (and kick in user-awareness training for free / reduced rate).
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

FOXActive Directory/Exchange EngineerCommented:
Are you using Exchange Online Protection in conjuction with Barracuda?

ATP for O365-  https://technet.microsoft.com/en-us/library/exchange-online-advanced-threat-protection-service-description.aspx
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
mike2401Author Commented:
o365 ATP sounds exactly what we're looking for!

Are there other 3rd party solutions that do the same thing better or because ATP's tight integration with Office & Onedrive, is MS the best solution?
1
SysToolsData Expert - Recovery,Backup,MigrationCommented:
Hey,

You may also check this post regarding Antiphishing:

--https://it.toolbox.com/blogs/manishg/setting-office-365-anti-phishing-policy-a-complete-guide-050118

I think MS is only the best Solution!

Hope this helps you!!
0
mike2401Author Commented:
Thanks everyone!   Sounds likes MS Advanced Threat Protection is the way to go!!
0
mike2401Author Commented:
Great info!  Extremely helpful !!!  Thanks!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Office

From novice to tech pro — start learning today.