cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Home

Set Alert notification when sender e-mail address and reply to e-mail address are different

%3CLINGO-SUB%20id%3D%22lingo-sub-481633%22%20slang%3D%22en-US%22%3ESet%20Alert%20notification%20when%20sender%20e-mail%20address%20and%20reply%20to%20e-mail%20address%20are%20different%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-481633%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20There%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOur%20company%20would%20like%20to%20set%20an%20Alert%20or%20some%20kind%20of%20notification%20to%20end%20user%20when%20sender%20e-mail%20address%20and%20reply-to%20e-mail%20address%20are%20different%20to%20avoid%20spoofed%20e-mail%20address%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EE.g%20Sender%20e-mail%20address%20abc%40xyz.com%20and%20reply%20to%20address%20abc%40xy-z.com%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20had%20an%20incident%20where%20the%20user%20had%20a%20contact%20in%20safe%20sender%20list%20which%20was%20exploited%20and%20an%20attacker%20spoofed%20sender%20address%20in%20the%20contact%20%26amp%3B%20sent%20the%20e-mail%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EFor%20end%20user%2C%20it%20was%20difficult%20to%20identify%20it%20as%20spoofed%20e-mail%2C%20when%20we%20checked%20the%20reply%20to%20address%20was%20different.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHence%20the%20company%20want%20to%20set%20some%20alert%20mechanism%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-481633%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EExchange%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-481871%22%20slang%3D%22en-US%22%3ERe%3A%20Set%20Alert%20notification%20when%20sender%20e-mail%20address%20and%20reply%20to%20e-mail%20address%20are%20different%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-481871%22%20slang%3D%22en-US%22%3E%3CP%3EDetecting%20spoofed%20messages%20is%20not%20as%20easy%20as%20that.%20Explore%20the%20features%20we%20have%20available%20as%20part%20of%20ATP%20if%20you%20havent%20done%20so%20already%2C%20those%20inlcude%20tips%20that%20notify%20the%20user%20when%20the%20anti-spoof%20checks%20fail%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Foffice365%2Fsecuritycompliance%2Fanti-spoofing-protection%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Foffice365%2Fsecuritycompliance%2Fanti-spoofing-protection%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EIn%20addition%2C%20you%20can%20also%20add%20a%20transport%20rule%20that%20prepends%20messages%20sent%20from%20external%20parties%20with%20some%20warning%20text%2C%20or%20change%20the%20message%20subject%2C%20etc.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Praveen_Sheelavant
Praveen_Sheelavant
Occasional Visitor

‎04-23-2019 03:37 PM

‎04-23-2019 03:37 PM

Set Alert notification when sender e-mail address and reply to e-mail address are different

Hi There,

 

Our company would like to set an Alert or some kind of notification to end user when sender e-mail address and reply-to e-mail address are different to avoid spoofed e-mail address

 

E.g Sender e-mail address abc@xyz.com and reply to address abc@xy-z.com 

 

We had an incident where the user had a contact in safe sender list which was exploited and an attacker spoofed sender address in the contact & sent the e-mail

 

For end user, it was difficult to identify it as spoofed e-mail, when we checked the reply to address was different.

 

Hence the company want to set some alert mechanism

Labels:
47 Views
0 Likes
1 Reply
Reply
1 Reply
Highlighted
Vasil Michev

‎04-24-2019 03:19 AM

‎04-24-2019 03:19 AM

Re: Set Alert notification when sender e-mail address and reply to e-mail address are different

Detecting spoofed messages is not as easy as that. Explore the features we have available as part of ATP if you havent done so already, those inlcude tips that notify the user when the anti-spoof checks fail: https://docs.microsoft.com/en-us/office365/securitycompliance/anti-spoofing-protection

 

In addition, you can also add a transport rule that prepends messages sent from external parties with some warning text, or change the message subject, etc.

0 Likes
Reply
Related Conversations
Tabs and Dark Mode
 cjc2112 in Discussions on 09-18-2019
46 Replies
Extentions Synchronization
 Deleted in Discussions on 11-13-2019
3 Replies
Stable version of Edge insider browser
 HotCakeX in Discussions on 10-12-2019
35 Replies
Security Community Webinars
 Valon_Kolica in Security, Privacy & Compliance on 10-22-2019
13 Replies
flashing a white screen while open new tab
 Deleted in Discussions on 10-05-2019
14 Replies
How to Prevent Teams from Auto-Launch
 chenrylee in Microsoft Teams on 06-27-2019
29 Replies