Spam emails are not just a nuisance; they seriously threaten productivity and security. Consider this: on average, employees receive around 121 emails daily and reply to around 40; the rest enter the dreaded ‘unread’ list. However, sometimes, spam email is more than just an irritation. It can disrupt productivity and, more worryingly, malicious spam can severely threaten an organization. These emails can contain malware-laden attachments or present as legitimate-looking phishing emails, putting your organization’s security at risk.
Microsoft 365 and the Office productivity suite are top-rated solutions, with over 1 million companies in the USA using them. Unfortunately, because of this popularity, the email client Outlook has become a playground for spammers and the malicious spam they generate. However, there’s a solution. By integrating SpamTitan into Office 365, an organization can effectively weed out nuisance and malicious spam from legitimate communications, ensuring a safer and more productive email environment.
Here, TitanHQ examines spam, its consequences, and how to protect your company against its tsunami.
What does a spam email look like?
Spam emails take many forms, but they all involve receiving unsolicited and unwanted emails. However, some spam is more concerning. Many spam messages are scams waiting to happen. They contain content that attempts to manipulate people’s behavior. For example, spam may use language that causes concern, fear of missing out on gifts, etc., to entice people into clicking links or opening attachments.
Some examples of spam messages are shown below, but there are countless variants:
Why do you need a spam filter?
Spam is a form of unsolicited email that lands in your inbox all too regularly. In many ways, modern businesses have become so used to spam that we hardly notice it other than as an irritation when attempting to clear out these unwanted emails. But email spam goes back a long way. The development of spam communications is tied to the evolution of the internet. The first spam email was recorded in 1978 and was an ad sent by ARPANET, the nascent internet, to 600 members of its user base. The ad was unsolicited and, therefore, technically spam. A decade later, in 1988, an email chain letter with the heading “MAKE. MONEY. FAST” became the type of spam email we know and hate today.
Today, spam is ubiquitous. It is estimated that 162 billion spam emails are sent daily. That is a lot of unwanted emails landing in employees’ inboxes, annoying them, distracting them from their work, and potentially carrying malicious content. Even employees’ mental health is being affected by the deluge of spam. Many spam messages can lead to scams, negatively impacting employees’ mental health.
Anti-spam solutions prevent spam from being a nuisance, reducing employee productivity, stealing data, and infecting your organization with malware. Using a spam filter reduces the amount of spam and has many benefits, including the following:
Productivity
Spam impacts productivity. Research from McKinsey found that employees spend 28% of their time at work dealing with emails of all kinds. Add scams to the mix, and the overhead on productivity is obvious: the average employee receives around 200 emails daily (including spam). Dealing with the opening and deleting of spam emails takes time away from an employee’s core work.
Also, legitimate emails are often lost in the mass of spam emails. Accidents happen, and legitimate emails can be deleted when employees get annoyed and do mass deletions to rid their inboxes of spam. A spam filter drastically reduces the amount of spam entering an employee’s inbox.
Malicious email reduction
Spam is usually thought of as just annoying rather than malicious. However, scammers sometimes use spam to hide malicious intentions. Also, bots can issue spam en masse to mail indiscriminate emails to hundreds of thousands of people. Mass-mailed spam can be as dangerous as conventional phishing emails. Malicious spam uses the same tactics as phishing to manipulate employees into performing tasks that benefit the scammer. One of the examples above contains a phone number to call. This would take the caller to a scammer who would attempt to extort data and money from the caller.
Cybercriminals may also use spam to check if an email address is live. If the employee opens the spam email, the scammer is alerted, notifying them that this is an active account. They then use this information to target those users with phishing or malware.
Compliance with regulations
Anti-spam regulations and data protection laws exist worldwide. These regulations require organizations to apply protective measures to secure data and protect privacy. Anti-spam solutions help organizations meet anti-spam compliance by reducing the risk of data breaches from phishing attacks or malware infections.
Spam filters take the pain of spam away. But what is a spam filter, and how does it work with the massive volume of spam?
How does a spam filter work?
A spam filter is built to identify unwarranted and unsolicited emails. Often, these emails also contain dangerous content, such as links that go to phishing websites. Several types of email filters look for signals of spam in different areas of the email:
Header filter: This filter looks at an email’s header to determine whether it is from a legitimate source or a known scam email address.
Blocklist filter: Specialist organizations like Spamhaus keep track of known scammers and spammers and hold a database of their email addresses. The spam filter cross-references this email list and filters out recognized spammers. Spamhaus use DNS Blocklists (DNSBLs). However, it can be challenging to keep up-to-date with evolving spam domains.
Content Filter: spam often contains certain types of language or elements, like explicit material, ” gift,” or “discount today only” statements. The content filter is configured to look for this type of language and block emails that contain this.
The above filters are used in conventional spam gateways like Microsoft Office 365. Static filters such as blocklists are an excellent first layer of security. However, more advanced spam filters and gateways have taken a proactive approach, applying multiple layers of filters to stop evasive and evolving spam.
Advanced anti-spam gateways
Advanced spam filters apply increasingly sophisticated and dynamic layers to filter out spam. These multi-layered advanced systems use rules and policies augmented by verification, authentication, and intelligent technologies such as AI and machine learning. These layers include the following technologies:
Conventional filter layers
- Real-time blocklists (RBLs) and graylists: set a baseline to identify and block spam from recognized spam-supporting ISPs.
- Harvesting/dictionary attack protection: Filters identify unauthorized words or content in an email and block or quarantine the email if these words are found.
- Allowlists (safe listing): A global Whitelist page of allowed words and content that always allows authorized messages.
Advanced filer layers
- Bayesian Analysis: based on a self-learning system that continuously improves as it learns.
- Auto Learning: AI and machine learning are used to protect against spam threats by using pattern detection in real-time.
- Heuristics: detects viruses in spam messages by examining code for suspicious properties.
Cons of using a spam filter
One of the most common cons of using a spam filter is false positives. A false positive is generated when a spam filter has blocked a legitimate email. Not only is this annoying, but it could also harm a business.
Also, if the spam filter is not designed to handle emerging and evasive spam threats, it could easily allow dangerous emails to reach inboxes. In this way, a poorly performing spam filter is worse than no spam filter, as it creates a false sense of security.
The above two issues could be enough to turn companies off using spam filters. However, modern AI-enabled spam filters not only reduce false positives drastically, but they are highly accurate. SpamTitan, for example, has a 99% spam detection rate and extremely low false positives. Also, SpamTitan can configure how spam is scored, helping to reduce further false positives. The most important thing in removing the cons of using a spam filter is to choose an advanced solution.
Does Microsoft Office 365 have an in-built spam filter?
Yes, Office 365 has a built-in spam filter. Microsoft’s O365 comes with Exchange Online Protection (EOP). This email filter uses static rules based on known spam and phishing threats. However, EOP also collects user data feeds from Outlook; these data are used to detect spam email. EOP uses a classification system to determine the likelihood that an email is spam or malicious. Once identified, spam email is automatically classified and separated so the spam does not enter the employee’s inbox.
EOP technologies used for spam filtering:
- Most spam is detected via connection filtering based on the sender’s IP address.
- URL block lists.
- List of domains that are known to send spam.
- Multiple anti-malware engines
- Inspection of the message body and attachments for malware.
Specific Microsoft licenses come with a more advanced email security solution, Microsoft Defender for Office 365 (formerly Advanced Threat Protection (ATP)). MS Defender is a more sophisticated service that protects against advanced threats like phishing and zero-day malware. However, the increased cost of this advanced service is reflected in its capabilities.
How to Set Up and Configure Office 365 Spam Filter
The use of EOP for spam filtering begins by creating anti-spam policies. These policies are essential to control the configurable settings for spam filtering. Policies must reflect both spam and anti-malware. The O365 Security & Compliance Center uses the Threat Management section to set policies. The policies should reflect the needs of your organization.
If you have a Microsoft Defender license, you can configure protection against unsafe attachments and harmful links in emails. Microsoft Defender also allows the setting of policies that can detect phishing attempts. Regularly monitoring and reviewing your configuration and policy settings is essential to optimize your protection. O365 provides a dashboard to review the performance of email protection.
Limitations of the Office 365 Spam Filter EOP
Reading forums of real-world customers of the O365 spam filter shows that issues persist in the solution. A Reddit post has several disappointed customers discussing issues such as missed phishing, false positives, and poor customer support. Some of the more common and concerning issues with O365 built-in anti-spam capabilities include the following:
Static detection when using only EOP and not Defender: Older static measures used in the EOP solution do not detect evolving threats and sophisticated spam and phishing attempts. To capture more advanced spam and phishing attempts, O365 Defender is needed.
Poor support from Microsoft: This is a serious issue, as email is both a vital communication method and a potential danger to an organization if malicious. Support must be exceptional. However, real-world users are reporting issues with support. In addition to various Reddit forums recording poor support, a Gartner review site has members noting similar poor support from Microsoft.
No greylisting: Microsoft 365 spam filtering tools lack greylisting. Using greylisting, emails from all non-whitelisted senders are automatically returned to the sender’s mail server with a request to be sent again. The mail servers used by spammers are usually too busy before the request times out; therefore, the spam email is never returned. Greylisting would plug a security gap between blocklisting IP addresses and using AI/machine learning to detect zero days and sophisticated email threats.
Licensing and advanced protection using O365
Using EOP with O365 cannot protect an organization against modern spam or email-borne threats. Microsoft Defender does have improved security capabilities, but this is only available using specific license plans that can be expensive, especially for smaller organizations:
Microsoft 365 E3 licenses do not include Advanced Threat Protection. Any organization wishing to use Defender must buy this as an add-on to their license. Alternatively, a company must purchase a Microsoft 365 E5, Microsoft 365 A5, or Microsoft 365 Business Premium with Defender bundled. Enterprise versions of M365 also come with Defender.
Alternatives to Office 365 spam filter
Microsoft EOP has severe limitations in detecting modern spam and phishing. Paying more and using Office 365 Defender does provide better coverage of emerging and zero-day threats. However, the best of both worlds can be achieved, cost-effectively, by using alternative non-Microsoft advanced spam solutions. Many alternatives to the Office365 spam filter make choosing the right one challenging.
Some of the questions you must ask when choosing an advanced anti-spam solution are as follows:
- Does the solution use multiple layers of defensive technologies? This may be described as a “defense-in-depth” approach.
- Are the advanced layers based on AI or machine learning?
- Can the solution apply Natural Language Processing (NLP) to identify subtle signals in email content that engineer people socially?
- Is the solution cloud-based? This is important as it allows for company size and security changes during remote access.
- Is the solution easy to manage and update? Ideally, the solution should have an easy-to-use, centralized dashboard.
- Is the support for the solution reliable and timely?
- Is the solution within budget and value for money?
Why use SpamTitan with Office 365
Even a single malicious spam email can seriously damage a company: spam is not just about annoying ads for an unsecured business loan — spam carries the weapons of cybercrime and fraud. A single malicious spam can result in ransomware, stolen login credentials, exposed data, and significant financial losses from the Business Email Compromise (BEC). Office 365 has some anti-spam capability, but modern cybercriminals use highly sophisticated methods to circumvent many spam filters; more layers are needed to protect emails. Here are some of the most important reasons why an organization should integrate the advanced spam filter SpamTitan into Office 365:
SpamTitan stops 99.99% of spam.
X-Force keeps tabs on trends in spam. In 2023, X-Force noted an increased use of initial access brokers, whereby malicious links are placed within emails or PDFs to download subsequent payloads. Scammers increasingly exploited popular file types such as ZIP, PDF, and . URL. These exploits are replacing dangerous macros. The adaptations made by cybercriminals show how important it is to use dynamic spam erection, with static detection mechanisms being left behind.
X-Force predicts the increasing use of Large Language Model-based GenAI and complex, multi-staged infection chains.
SpamTitan stops Office 365 from becoming a haven for phishing messages and spam emails. SpamTitan continuously scans incoming messages and can even prevent sophisticated spear phishing emails that lead to lost administrator credentials or BEC fraud. In addition, with SpamTitan, you can rely on the following:
- 100% coverage of ALL current market-leading anti-phishing feeds.
- 1.5X increase in unique phishing URL detections
- 1.6X faster phishing detections than the current market leaders
- 10 million net, new, and previously undiscovered phishing URLs every single day
- 5 minutes from initial detection of the malicious, offending URL to an end user’s mailbox
Features of SpamTitan
SpamTitan has been specifically designed to detect and prevent all forms of spam, including emerging and zero-day threats. SpamTitan is not an add-on but a focused solution to sophisticated, multi-stage spam. SpamTitan can be easily used alongside Microsoft Office 365 to bolster the protection offered in EOP and enhance and complement Defender. Some of the main features of SpamTitan include the following:
Advanced Content Filters Prevent Zero-Day Attacks
Phishing, zero-day protection, and malware detection require sophisticated detection methods. A multi-layered approach to spam detection delivers a 99.99% Spam Catch Rate. SpamTitan is based on advanced intelligent technology. It employs multiple technology layers that handle the massive volumes of spam needed to ensure that legitimate email is not caught in a false positive trap. The result is that less than 0.003% of spam detections are false positives.
SpamTitan multiple layers of basic and advanced anti-spam filters include the following:
- Harvesting/dictionary attack protection: filters that look for specific words or content in an email and block/quarantine that email if those words are identified.
- Real-time blocklists (RBLs) and graylists are used as a baseline to identify and block spam from recognized spam-supporting ISPs.
- Allowlists (safe listing): A global Whitelist page will allow control over which messages are always allowed.
- Bayesian Analysis: a self-learning system that continuously improves as it learns.
- Auto Learning: AI and machine learning should be used to protect against cyber threats by using pattern detection in real-time.
- Heuristics: detects viruses by examining code for suspicious properties.
Email Sandboxing
SpamTitan provides a sandbox environment to check the legitimacy of a suspicious email. If the email is legitimate, it will automatically be sent to the correct recipient’s inbox. However, if the email has any signs that it contains dangerous content or malicious attachments, such as ransomware, the email is retained in the sandbox. Held within the sandbox, further analysis of the email can take place. The email sandbox is an isolated virtual machine environment configured to look like a genuine endpoint. This isolation allows any potentially infected attachments or malicious links to be analyzed safely. The information gathered by this analytical process allows a company to modify security policies to provide increasingly accurate identification of spam and phishing.
Cost-effective Data loss prevention (DLP)
Data loss doesn’t just happen because of the concerted efforts by cybercriminals. Accidental loss of data by misdirected emails is common. SpamTitan scans both incoming and outgoing emails to prevent the loss of confidential information. While some DLP functionality is provided by Office 365, those features are only available in the most expensive version, i.e., Enterprise E3. SpamTitan provides DLP out-of-the-box at a competitive price.
Spambots and damaged email domains
Spambots can cause damage to legitimate business domains, i.e., www.mycompnay.com. Spambots are automated programs designed to send mass emails to market products and services. Spambots can also hijack email domains. Office 365 EOP does not prevent your email domains from being hijacked by spambots. However, spambots can cause severe damage to a business, decreasing company email delivery rates and damaging your reputation. SpamTitan ensures that spambots do not abuse your email domains.
Maintains Business Continuity
Keeping your business running smoothly is vital for organizations of all sizes. SpamTitan Private Cloud infrastructure provides backup for your mail server so that you can always have instant email access, even if your company suffers a ransomware attack. If your private mail server is unavailable, SpamTitan holds all emails in a deferred queue for five days by default, with easy configuration to change this value up or down. When your mail server resumes operation, the mail is forwarded to all recipients. Also, SpamTitan stores copies of clean email for a set period and allows end users to view their email via a personal portal.
Dynamic and Configurable Security Policies
SpamTitan is highly configurable, reflecting the unique needs of your business. SpamTitan allows for a dynamic Internet usage policy while keeping the network secure. SpamTitan’s advanced features include an Advanced Content Control filter that enables engineers to apply a specific rule set for your organization. This level of customization is not available in Office 365 standard filtering.
Cost
Getting value for money is at the top of any business’s agenda. SpamTitan is designed to give your company the best anti-spam technologies at the best possible price. For example, 25 users would cost $585 per year, and 250 users would cost $2,340 per year.
Easy to Deploy and Use
SpamTitan has multiple deployment options to meet the needs of businesses of any size. Deployment options include using an in-house IT team or a specialist third-party MSP (managed service provider).
Timely and reliable customer support
TitanHQ prides itself on providing exceptional customer support. Our testimonials speak for themselves.
Exceptional Customer Satisfaction
SpamTitan is proud of our customer satisfaction record with global review website G2 audience reviews placing SpamTitan as a “Leader in 2023”. Also, Gartner Peer Insights gave SpamTitan the thumbs up, with 87% of reviewers recommending the solution for email security.
Out of control, spam can cause nuisance and, at worst, severe damage to IT systems, data, and the company’s reputation. Office 365 has built-in anti-spam features; however, SpamTitan provides a cost-effective, configurable, and intelligent approach to 360-degree spam control for inbound and outbound emails.
SpamTitan and O365 spam filter
SpamTitan seamlessly integrates with Office 365, plugging gaps that allow emerging and zero-day threats into your enterprise network. This defense-in-depth solution protects against over 99% of spam, adding resilience to your most vital productivity tools.
Office 365 EOP is part of the general subscription to O365. However, as mentioned, it has a limited capability regarding spam detection.
Defender for Office 365 has two core plans:
Plan 1: Included in some Microsoft 365 subscriptions, e.g., Microsoft 365 Business Premium. Protects email from zero-day malware, phishing, and business email compromise (BEC).
Plan 2: Included in some Microsoft 365 subscriptions, e.g., Microsoft 365 E5, Microsoft 365 A5, and Microsoft 365 GCC G5. It Includes phishing simulations, post-breach investigation, hunting and response, and automation.
| Feature | SpamTitan+ PhishTitan (Bundle) | SpamTitan+ PhishTitan+ SafeTitan (Bundle) | Defender Plan 1 | Defender Plan 2 |
|---|---|---|---|---|
| Antimalware/Antispam | ||||
| Data Loss Prevention | ||||
| Attachment interrogation | ||||
| AI-enabled advanced anti-spam | ||||
| URL Defense | ||||
| Business continuity | ||||
| Email encryption | ||||
| Phishing simulations | ||||
| BEC defense | ||||
| Auto remediation | ||||
| Sandboxing | ||||
| QR code phishing detection | ||||
| Price of solution (USD)
per 25 users |
Prices vary depending on the number of AMUs:
$10 per user/month up to $57 per user/month. Standalone use can cost from $3 per/month |
Prices vary depending on the number of AMUs:
$10 per user/month up to $57 per user/month. Standalone use can cost from $5.20 per user/month. |
FAQs
What is a spam filter?
Spam filters can be automated or manual. They use technologies that detect suspicious messages using a variety of signals. Some spam filters use advanced tech, such as machine learning, to identify emerging threats and zero-day exploits. Spam filters are often cloud-based SaaS services. They can be run in-house, and some are offered as a service by a manager service provider (MSP).
Why do you need a spam filter?
Phishing and spam are behind many of the most damaging cyber-attacks experienced by organizations worldwide. Spam may seem harmless, but it is not. The massive volume of spam experienced by companies daily causes harm, such as reduced employee productivity. Spam, however, has a sinister side. Spam can be used to directly manipulate people into performing tasks that benefit cybercriminals, such as clicking malicious links. Spam filters, therefore, are used to stop these potentially dangerous emails from entering an employee’s email inbox.
How to choose the best spam filter for Office 365
Evaluation of the best spam filter for Outlook 365 should consider certain things:
- Does the filter apply multiple players of protection, including static and dynamic detection methods?
- Does the spam filter use technologies, like machine learning and NLP (Natural Language Processing), that can identify complex and emerging threats?
- Is the spam filter a cloud-based software service?
- Is the spam filter easy to install, update, manage, configure, and use?
- Can the solution easily integrate with your existing O365 install?
- Is the spam filter cost-effective?
- Can the solution be supplied by an MSP to help reduce and spread the cost?
What about Microsoft’s spam filter for Office 365?
Office 365 comes with basic and advanced spam filtering. The in-built Exchange Online Protection (EOP) has limitations in defending against spam email. Microsoft Defender offers a more comprehensive spam filtering capability. However, Microsoft Defender is either an optional component or part of an enterprise license, so it comes at an additional cost.
Where can I find an email security filtering tool for Office 365?
There are many email security filtering tools for Office 365. It’s a good idea to look at reviews of spam filters from users. Several portals collate these views, including:
- Peerspot: read about 98% of users recommending SpamTitan.
- Gartner Peer Insights
- Capterra
- G2
Is an Office 365 phishing filter the same as a spam filter?
Phishing and spam filters can be used together to provide 360-degree protection against all email-borne threats. It is essential to use a defense-in-depth approach to email security as email is the preferred method to deliver attacks like ransomware. Spam may seem harmless, but it can be used to infiltrate employees, learning if their email addresses are live and the likelihood that they will fall for common phishing tricks. Integrated mail security solutions like SpamTitan and PhishTitan are designed to work seamlessly with Office 365. This holistic solution provides robust protection against all forms of spam and phishing.
What does Office 365 spam protection provide?
Office 365 comes with built-in essential spam protection. This level of protection uses static filtering tools. These tools match suspicious emails against existing databases of known malicious IPs and email addresses. Using an essential spam filtering tool is helpful, but there are issues. One of the problems with static spam filtering is that spammers continually change or hide their IP addresses and register new domains. The databases that list known spammer details struggle to keep up with emerging threats.