Forum Discussion
dgillespie-adf
Aug 26, 2020Brass Contributor
Block Display Name Spoof in EAC
I'm sure we are all dealing with a tremendous uptick in spam/spoof since Covid so what I am looking to do is combat the Display Name spoof. The typical scenario is a bad actor sends from a gmail acc...
- Aug 27, 2020
You can try a mail flow rule, although there is no "display name" condition available, so you'll have to go with "header matches" or similar.
VasilMichev
Aug 27, 2020MVP
You can try a mail flow rule, although there is no "display name" condition available, so you'll have to go with "header matches" or similar.
- dgillespie-adfAug 27, 2020Brass Contributor
- Vaman-KiniAug 27, 2020Brass Contributor
dgillespie-adf I have had success with the Impersonation policy under phishing wherein we tested with <Myname> myname@domain.com added to the list of users to protect and send an email from <Myname> xyz@somedomain.com . The policy detected it to be impersonation.
I wanted to test this safely with the Senior management email address and trying figure out a safe way to do that. documentation is here
- mnoahApr 09, 2024Copper Contributor
Vaman-Kini that's great until the threat actor finds a variation of the employees name and uses that. For example, on linked in an employee might have First Middle Last name. But in MS only have First and Last. You cannot enter another entry to include the middle name as you will get an "Email already exists" for that email account you're trying to protect.