Jump to content

question about mail rules and avoid spearhead phishing


Recommended Posts

Hello, 

 

Customer with Exchange 2013 CU23 was in email-discussion with a supplier.


"Supplier-mail-adress"  send an faked pdf-invoice with different bank-details.  (scam-mail)

From:  Field was right.

Reply-to: was the scammer with a strange-mail-domain.

SMTP Sender IP  was strange and not the Supplier

 

In ESET Mail Security I could create Mail-Rules in case "SPF failed" or "rDNS is missing" , but as far as I know I don´t have much other opportunities to avoid such scam.

 

Thx for you oppinion!

 

 

 

Link to comment
Share on other sites

  • ESET Staff

Hi,

your customer can use additional rules with conditions: SMTP Sender's domain, Sender's IP address, From header - address, to check if emails with From: "supplier-mail-address" have also corresponding IP address range or SMTP Sender.

Note: we plan to add the Sender Spoofing Protection feature to the upcoming vNext version of EMSX, to help to automate tasks like these.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...