Office 365: Spoofing emails. Warning employees about rogue emails from bogus senders
Emails targeting unsuspecting employees continue to be the major cause of cyber attacks on business in Australia. Cyber risks are on the increase and change daily.
With the rise of phishing emails, it’s a good idea to educate users on how to spot emails from non-genuine senders.
A common tactic used by scammers is to send emails using the name of someone within the company (spoofing) but with an external email address. People simply look and see that the email has come from a work colleague and don’t look any further.
There are several counter measures, but one available currently which we consider to be the most affective and least intrusive for users.
Option 1: Warn computer users about every email sent from outside of the organisation by adding a warning message to the body of each email.
This method works well, however it can be viewed as excessive and can cause complaints from staff. Or even worse, staff stop taking notice of the warning because of its familiarity with every email sent from outside the business.
Option 2: A warning method which checks the display name of the sender, and compares it against the display names of a specified list of users in your organisation. This can also work, however it’s quite a manual process to configure and update.
Option 3 (most effective): As part of the support for all of our customers using Think Technology Australia’s Office 365 solutions, we proactively apply alerts to notify users if a matching display name is detected. A warning message is prepended to the email like this:
We are always actively looking for new ways to assist our clients using Office 365 to implement protection to email networks and provide better security when using cloud solutions.
If you would like to find out how we could help you with Office 365 solutions, give us a call today 1300 920 866