A whole load of phishing emails make it past Microsoft Defender, researchers say

By Scott Marlette Last updated Oct 10, 2022

Microsoft Defender, the in-built security service for Windows, which also scans incoming email messages for malicious content, misses almost a fifth (18.8%) of all phishing emails, a new report from Avanan claims.

The company claims to have analyzed almost three million emails that were scanned by Microsoft and Check Point security products, over one week. For the purpose of the report, the analysts took samples from organizations with anywhere between 500 and 20,000 users. The companies analyzed were from various industries, but all located in the United States.

But not only did Defender miss 18.8% of phishing messages, the analysts say the number of misses has increased by 74% over the last two years. In Avanan’s previous analysis in 2020, only 10.8% of phishing emails made it to the victims’ inboxes.

Is Microsoft Defender bad?

What’s important to notice here, and what Avanan stresses in the report’s introduction itself, is that these figures do not necessarily mean Defender is bad at defending against phishing. If anything, it’s as good or better than the competition:

“In general, Microsoft 365 is a very secure service. That is a result of a massive and continuous investment from Microsoft. In fact, it is one of the most secure SaaS services on the market. This report does not indicate otherwise,” the report states.

So why is Defender allowing such a large percentage of phishing emails, some of which carry malware, through? The researchers believe it is because Defender is the go-to solution for most organizations, and as such, most threat actors test out their strategies against this solution first, before deploying attacks.

“It’s important to note that this does not mean that Microsoft’s security got worse. It means that the hackers got better, faster, and learned more methods to obfuscate and bypass the default security,” the researchers added.

Targeted financial attacks are specifically crafted to bypass Defender, they say, adding that these usually include many email scams (fake invoices, fake Bitcoin transactions, phony business proposals etc.). Still, Defender missed 42% of these types of attacks last year.

TechRadar Pro has asked Microsoft for a response to the findings of the Avanan report.

For all the latest Technology News Click Here

For the latest news and updates, follow us on Google News.

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.