Dec 12 2019
01:45 AM
- last edited on
Feb 01 2023
09:25 AM
by
TechCommunityAP
Dec 12 2019
01:45 AM
- last edited on
Feb 01 2023
09:25 AM
by
TechCommunityAP
Hello everyone,
We received a phishing email in our company today, the problem is that it looked a lot like it came from our own domain: "ms03support-onlinesubscription-noticfication-mailsettings@***.com"
Of course we've put the sender on blocklist, but since the domain is - in theory - our own, we cannot block it. Our idea would be that we should enable receiving emails - besides from external senders - only from the internal email addresses, that exist at our company, and can be controlled by our admins.
Is there any solution for this? Thank you for your answers in advance!
Dec 12 2019 11:02 AM
Cannot speak without seeing the full set of information about this message, but in general phishing can happen. Features such as ATP's anti-spoof protection, DKIM, DMARC help, and you can also set up a simple transport rule that flag every external email: https://office365itpros.com/2019/03/08/marking-external-email-with-exchange-transport-rule/