By Benjamin Jaros and Madeline Susemiehl
By Benjamin Jaros and Madeline Susemiehl
Sharkphin provides your organization with a fast first-touch response to reported phishing attempts in your 365 environment
Even with the best spam filtering systems, it is inevitable that eventually malicious emails will enter an organization. Once a malicious email is identified, Sharkphin enables 365 administrators of all skill levels to quickly search the organization's mailboxes for similar messages and safely remove them from the environment before they can be opened and prevent further messages from the same source. Sharkphin accomplishes this by offering a straightforward interface that utilizes PowerShell to bring multiple security actions together. Without Sharkphin, administrators would need to manually log in to various pages in the Security and Compliance portals to accomplish the same tasks, costing additional time and risk that other users will open the malicious package.
The EXE package allows the script to be easily transferred to new computers or sent to new members of the support team who may have little to no experience running PowerShell scripts. While caution should always be exercised when removing data in bulk, Sharkphin is configured to soft-delete spam messages. This reduces the risk of an analyst accidentally removing important information permanently, while still empowering a fast and meaningful first response. While this interface makes security actions more readily available, it is always the responsibility of the administrator running the tool to understand the implications. It is of course recommended that a more experienced technician shadow a help desk analyst running the tool for the first time before asking new help desk members to run the tool on their own.