We often allude to the benefits of having an integrated threat protection stack in Office 365. Today we wanted to take the opportunity to walk you through how the combined features and services in the Office 365 threat management stack help your organization protect, detect, and respond to a potential phishing attack. Phishing is the term for socially engineered attacks designed to harvest credentials or personally identifiable information (PII). Attackers use a variety of strategies to make the recipient believe the email is coming from a legitimate source. Phish emails often convey a sense of urgency to the recipient to take an action described in the email. We see phishing emails come in a variety of forms including:

• Spoofing: where the sending domain matches a legitimate business
  
  
• Impersonation: of users, domain, and brands (where emails are crafted to look like they are coming from specific users, domains and brands)
  
  
• Content Based Attacks: emails contain malicious links or attachments

Check out the full blog post: here.