Spam. It wastes time and resources. In most cases, the amount of spam received by an organization far exceeds the amount of legitimate email.
E.g. Average volume of spam received daily:
| Total Email Received | Spam | Phishing | Malware | Legitimate | Spam % |
|---|---|---|---|---|---|
| 50, 830 | 3257 | 1263 | 10 | 46, 300 | 11 |
From a SysAdmin point of view, using anti-spam protection is the best way to go to protect your company against spam, and, if you are using Exchange or Exchange Online, one of the best options for you is to use Microsoft's answer to this: Microsoft 365 Defender
There are also other non-Microsoft options e.g.
- Mimecast
- GFI MailEssentials
- N-able Mail Assure
When using Exchange and the Outlook client (or Outlook.com), Microsoft has an addon "Report Message" which helps users to report spam and phishing emails (This can be deployed by an Admin to everyone in your company):
When on the Outlook desktop client, you should actively mark items as Junk and block their senders. Do the following:
- Select the email | Click "Report Message" | Choose "Phishing" or "Junk"
Doing this sends a copy of the email for analysis to Microsoft Defender and helps to train the model that detects Junk mail and Phishing Scams.
From time to time you may also receive an email telling you about quarantined emails.
Important - check very carefully and make sure you know the sender before releasing an email. Otherwise you may end up releasing an email that you shouldn't. If in doubt call your friendly SysAdmin who will help you to determine if it's safe to release.
If your email is hosted by a third-party provider other than Outlook, Office 365, or Gmail, take the following precautions:
- Immediately change your password – If you suspect your email account has been targeted, update your credentials to prevent unauthorized access.
- Enable two-factor authentication (2FA) – This adds an extra layer of security to your email account.
- Consider migrating to a trusted provider – Outlook, Office 365, and Gmail offer robust phishing and spam protection. If your current provider lacks strong security measures, switching to one of these services can reduce future phishing risks.
- Monitor your account for unusual activity – Check your sent folder and recent login activity to ensure no unauthorized access has occurred.
Warning: If you receive a phishing attempt through a third-party email provider with poor filtering, your email account is at greater risk of being compromised. Migrating your email to a secure provider like Outlook or Gmail improves security and reduces phishing attempts.
By taking proactive measures, you can significantly reduce the chances of falling victim to phishing and spam emails.
