Dec 28 2022 05:14 PM
I'm not sure how to describe what I'm looking for so let me spell it out the best I can and maybe someone can point me in the right direction.
Recently we've had some targeted spam/phishing attacks that are almost matching the domain of a legitimate customer. For example:
email address removed for privacy reasons
email address removed for privacy reasons
Notice "electric" being spelled with a lower case "L" instead of a lower case "i". We train staff to look at email addresses but that's pretty easy to miss.
Along the same strategy as the "External" tag, where the from field shows "External" when it's not our own domain, I'm wondering if there is a way for Exchange to check the "from" email addresses against a database of confirmed addresses in our CRM and tag them as "unrecognized" or something. That way the staff person might have some idea to look a little closer or check the address against our CRM before replying.
Any thoughts?
Greatly appreciated.
Rois Cannon
Jan 03 2023 09:16 AM
Jan 04 2023 02:50 AM - edited Jan 04 2023 10:35 AM
Do you use the native external tagging feature: https://techcommunity.microsoft.com/t5/exchange-team-blog/native-external-sender-callouts-on-email-i... ?
Jan 04 2023 10:31 AM
Jan 04 2023 10:42 AM
Hi @RoisCannon,
If you are using Exchange online, then the combination of a transport rule and a Power Automate flow can do what you want. You can use this template as a base.