cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Someone spoofed my company's domain

nikitamobile85
Copper Contributor

‎Apr 18 2021 09:39 PM - last edited on ‎Apr 04 2022 07:26 AM by

‎Apr 18 2021 09:39 PM - last edited on ‎Apr 04 2022 07:26 AM by

Someone spoofed my company's domain

Good afternoon,

 

someone has spoofed my company's domain and is sending hundreds of emails to random organizations worldwide. He is using one of the valid email accounts to impersonate and as a result one of our users was receiving 20-30 replies from unknown people. We have enabled DMARC reject policy and it gave an effect. I can see that multiple attempts are now being rejected due to SPF check failure. However DMARC doesn't protect in 100% cases and some of the emails are still being delivered. I believe these are those cases where receiving side is not validating SPF/DKIM. I'm getting multiple DMARC reports and can see source IP addresses for spoofing emails. All of them are from GoDaddy IP range but GoDaddy is not replying to abuse reports. My question: Whether there is any other way to complain and stop this?  

1,439 Views
0 Likes
3 Replies
Reply
3 Replies
Vasil Michev

‎Apr 19 2021 10:33 AM

‎Apr 19 2021 10:33 AM

Re: Someone spoofed my company's domain

Sadly it's not that easy, best thing to do is harden things on your end and keep on reporting them.
0 Likes
Reply
Reza_Ameri

‎Apr 20 2021 07:36 AM

‎Apr 20 2021 07:36 AM

Re: Someone spoofed my company's domain

Make sure instruct users about this spam and when they receive it, then mark it as Junk (instead of deleting) and this way your Anti-Spam filter will gets smarter
0 Likes
Reply
NNS51875

‎Apr 21 2021 01:55 AM

‎Apr 21 2021 01:55 AM

Re: Someone spoofed my company's domain

I suggest please check with your Internal security team there are various way!
Please deploy Azure Defender to protect your Public DNS as we all IaaS and PaaS workload, start adopting "Zero Trust security model" and Defender for endpoint , Azure ATP, MCAS and AIP and for that you M365 license E5, which more effective.
0 Likes
Reply