Redtree IT

Microsoft blocks 60,000 malicious emails every minute.

February 17th 2022

By Matthew Phillips

Email servers must be a really scary place.

Microsoft 365 has built in email protection, helping us all to sleep at night knowing that bad stuff is being turned away.  They report to have been blocking one-thousand bad emails every second (that’s a huge amount of email traffic over the year). Most of these emails would have been phishing emails, trying to trick the recipient into clicking a link and installing software that your IT guys really wouldn’t be pleased with.

Microsoft also blocked 90.6 billion password attacks, where the hacker attempts to guess passwords using dictionary lists or password lists bought from the dark web.

Luckily the Tech Giant is there to protect us!

Redtree Security
Photo by Mike from Pexels

Is Microsoft's default protection enough?

it’s great that there is some protection there, stopping these emails getting as far as our our mail clients.  But is not enough, there are other tools and features already build into your Microsoft licence that you need to start using.

There are really simple ways to protect yourself, but so many of us fall short.

So many people use simple passwords that are easy to guess, adding punctuation to the end does not make it a secure password, we all know someone who uses Password1! Using secure passwords is so important, how about three words separated by spaces with some numbers like, Frogs Blue Dinner12.  An easy to remember collection of words is way more secure.

Multi-factor authentication is another protection that built into Office 365 and is a simple and easy way to protect your business, best of all, its usually free.  unfortunately many businesses have not enabled it.

It works by sending a code to your mobile device via SMS, you then type that code into the app and your in.  The beauty is, the bad guys don’t have access to your mobile phone (unless it’s my son trying to hack me).

This feature is not only available on Office 365, you can protect most online systems this way.  I would even go as far as saying, if it doesn’t offer you MFA it probably isn’t worth using.

How about some action points? After reading this why don’t you enable multi-factor on

  • Facebook
  • LinkedIn
  • Your online accounts package (Xero, Quickbooks, Sage)
  • Amazon
  • Dropbox

Don’t stop there, how about a password manager that will generate and store secure passwords for you or perhaps use a hardware device such as YubiKey for extra security (check them out here).

Can we help you secure your systems? Just give us a call.