David Hood

Do You Know the Five Phases of a Whaling Assault?

by David Hood - Director, Technology Marketing, Mimecast

It’s no secret that social engineering attacks, like phishing, spear-phishing and domain spoofing have grown from being a nuisance to a colossal problem. But, perhaps the most colossal problem of the moment is Business Email Compromise, otherwise called CEO fraud or whaling.

Whaling attacks can cost companies millions in financial losses. In fact, according to the U.S. Federal Bureau of Investigation, whaling attacks led to more than $2.3 billion in losses over the last three years. Cybercriminals are able to pull off these deceptive scams by posing as a CEO, or other executive, sending an email asking the unsuspecting target to initiate a wire transfer or send payroll and other sensitive data.


It’s time to protect your organization from whaling attacks. This means you must get to know the ‘5 Phases of a Whaling Assault’ so you can both educate your employees and increase your technology defenses. They are:

  1. In the Crosshairs: In the first stage of an assault, fraudsters use social media networks to gather intel on their target.
  2. The Domain Game: Next, armed with just enough detail, they register a domain similar to the actual domain for the target company.
  3. Gone Phishing: An employee receives the phishing email, but doesn’t notice the subtle warning signs that it’s fraudulent.
  4. Victim’s Assistance: The target follows the call-to-action in what appears to be an authentic email from someone familiar.
  5. On the Money: But, it’s not authentic. The attacker now moves the funds from the fraudulent bank account or has sensitive employee information like W-2 forms and social security numbers that are used in a larger scam.

Are you ready to take action against whaling? Download: “Whaling: Anatomy of an Attack” to learn more, including why whaling works, examples of recent high-profile attacks, and ways to defend against whaling fraudsters.

FILED IN

Microsoft® Office 365™ is proving popular and adoption continues to accelerate. 

A recent Gartner study found that 78 percent of IT decision makers say their organization is already using or is planning to use Office 365. This is 13 percentage points ahead of what the same survey found in 2014.

The adoption numbers clearly indicate that Office 365 is a product the market is eager for. Microsoft is adding over 50,000 customers to Office 365 a month and has well over 60 million commercial users.

While the growth of Office 365 has been explosive, when I talk to CIOs and IT directors, I often hear from them a reminder that the risks facing on-premises environments don’t change when organizations move email to the cloud. The security threats remain and companies need to prepare for, and shield employees from, productivity crippling downtime.

The scale of the platform is massive but it is important to remember Office 365 depends on a number of technologies working in concert to provide a seamless service. In the case of email, this means that Microsoft Azure Active Directory (AD), Exchange Online Protection (EOP), archiving and the administration console must be always on and always accessible. If any of these services are disrupted or compromised, the result is stark, employees can’t send, receive or access email—and potentially worse, admins can’t control this critical communication platform for their business.

Mimecast experts have engaged in hundreds of Office 365 migrations and service implementations for companies of all sizes. As part of the process, we find that there are usually five key questions to ask during the migration process:

  1. Do I have a back-up plan if my email system goes down from cyber-attacks, human error or technical failure?
  2. How do I track outages and ensure I engage my vendors with the right language in the contract to cover my organization?
  3. If a system outage occurs, how do I respond in the most efficient way from a technical perspective? 
  4. What other services can I use to ensure 100 percent uptime?
  5. Who within my organization do I need to brief prior to, during and after an outage occurs?

By answering these five questions, organizations can take a proactive approach before a system outage occurs and have a layered cyber resilience strategy to maintain productivity.

There will always be a give-and-take between the benefits and potential limitations of a move to the cloud so it is important to have the facts – as Microsoft Servers and Services MVP and author of “Conversational Office 365” J. Peter Bruzzese frequently says, “Don’t sleepwalk into the cloud.”

If you’d like to hear the answers to these questions and more about the best way to prepare for potential risks of Office 365 register today for the webinar, Cloud Outages Happen – Be Prepared, here.

FILED IN

When Is an Outage Not a Priority?

by David Hood - Director, Technology Marketing, Mimecast

When Microsoft Office 365 went down again last month, a painful truth emerged as the outage rolled on for several days – a big deal for your company is not always a big deal for Microsoft.

There’s been repeated Office 365 cloud email outages recently, from an American Office 365 email outage in July to the Azure Active Directory problems that impacted much of Europe in early December.

When Microsoft Office 365 went down again last month, a painful truth emerged as the outage rolled on for several days...
When Microsoft Office 365 went down again last month, a painful truth emerged as the outage rolled on for several days...

But what’s different about this one is how slow Microsoft  was to respond – maybe because it just affected customers that use IMAP. Microsoft promised to fix the problem by January 23 – five days after the outage.

Certainly Office 365 is not the only service to suffer like this – outages happen, but the reason why Office 365 outages grab widespread attention is because of its increasing popularity and the business critical nature of the email management services it provides.

But there is something significant about this one: what appears to be a failed service update could create an outage lasting more than week. This highlights that your problem and Microsoft’s problem aren’t always aligned. With the number of companies adopting Microsoft Office 365 increasing quickly (as many as 50,000 a month) this problem only gets worse over time. Far fewer customers will be using IMAP, so there is a perceived risk that problems will be treated as a lower order priority fix. This underscores a risk to any organization’s business continuity and data security. No business should rely on a single provider for a critical service such as email. Additional third-party cloud services are the only way to manage these risks.

For many businesses, email is their most critical IT workload. Email continuity is also highly valued by employees. Tolerance for email downtime is almost zero as it costs money, damages reputations and cripples business operations. In short, we all need it to work and to work all the time.

For years IT teams have built disaster recovery plans and systems predicated on the belief that IT fails and you always need a plan B. Nothing changes in a cloud first world. Cloud services clearly fail and if you don’t have an independent email continuity service, your email will be down until Office 365 gets it back up again. And you can’t control when that will happen. One hour. Five hours. In the case of the IMAP failure, 7 days.

So take a page out of the on-premises risk management handbook. Make Office 365 safer with the addition of an independent third-party email continuity service and by keeping an Office 365 disaster recovery solution in place.

For all its strengths, if you rely 100% on Office 365 for your email you are asking for trouble. It’s just a matter of time.

Find out more about how Mimecast can help keep your business running during an Office 365 outage here

FILED IN