Why Spam Gets Through the Office 365 Spam Filter

By January 29, 2016 March 29th, 2019 Blog

One of the biggest misnomers in email security is that built-in spam and phishing protection keeps all malicious email at bay. Because of this, many people fail to see why a business needs to invest in spam solutions in addition to the built-in Office 365 spam filter. Unfortunately, these companies often find themselves buried under an inbox filled with spam or in the headlines after their security was breached when a phishing email lead to the compromise of sensitive information. So, just how do these emails slip past the tools built into the Office 365 spam filter?

Blacklisting and whitelisting problems

One of the most effective technologies that spam filters once relied on was whitelisting and blacklisting. If a domain was known and trusted, it was placed on a whitelist and email sent from this domain was allowed through. On the other hand, if a domain was known to send malicious emails, it was added to a blacklist. Over time, the security community began sharing blacklists and adding known spammers to this open source, shared intelligence.

While these methods did help curb the amount of spam and phishing emails an inbox receives, bypassing these controls is rather easy for today’s spammers. All a spammer needed to do was register a new domain and pump out email messages from that address until it was added to one of the blacklists. When that domain was no longer effective, they would use a different one. It got so bad that Securelist noted that in general there wasn’t much connection between the theme of the spam and the domain name. And, the number of domains registered for this purpose continued to rise.

Old filtering technologies

Another technology that was once a staple in spam filtering is known as Bayesian filtering. This method of stopping spam relied on a score assigned to each email that passed through the Office 365 spam filter.  As the email is analyzed, points are given to different attributes. For example, the use of certain words may raise a score. How many emails were sent at a time might also affect the score. A threshold is then set by the email administrator so that any emails that do not fall within the acceptable range are marked as spam.

Beating this technology is easy. Simply run a search for “bypassing spam filters” and just about every marketing blog tells you how to craft and send emails to prevent them from looking like spam to email security tools like those used in the Office 365 spam filter. Another problem posed by relying on this method is the fact that if a legitimate email does not fall within the acceptable threshold, it too will be marked as spam and people could wind up missing out on important messages.

To fill in the gaps that the Office 365 spam filter leaves open, it is recommended that businesses put enterprise level email security tools in place. With 91 percent of all data breaches stemming from a phishing email, it makes perfect sense to shore up your email defenses with tools designed specifically to stop these types of threats by using the latest effective technologies and not outdated methods.

To see how Sendio’s Opt-Inbox™ and Email Security Gateway™ can help your business stop spam from leaking through, speak to one of our specialists who can answer your questions and get you set up with a demo to see first hand how these solutions will help you.