Display Name Spoofing / Impersonation is a simple but effective way hackers will try and obtain information, divert funds, and defraud you and your staff.
The hackers will look for executives within your company and then create valid email addresses with their display names on common mailing platforms, and then send requests through requesting funds transferred, bank details etc.
In a busy workplace with only a glance at the display name it would be easy to action these requests without further thought.
The problem is this type of spoofing uses valid email addresses from valid domains, but with the same display name as executives, so mechanisms like SPF, DKIM and DMARC won’t pick them up.
However, by implementing a simple mail-flow rule, you can easily add a warning to this type of message which should prompt the end use to proceed with caution.
In 2017 the OxfordSBSGuy.com blog has gone from strength to strength, with 26 posts and 863,000 views. In 2017 I implemented SSL and been working on some tweaks here and there to improve performance. This year I’m considering a redesign and new hosting is in the pipeline to improve performance further. Thank you for your support.
Looking forward to 2018, the industry recently has been focusing on security so I’ll be brushing up on some Security Skills with Sophos and WatchGuard, and with more and more clients moving to Office 365, I intend to write a few more PowerShell scripting to help manage end users and computers in the cloud.
If you use Multi Factor Authentication in an Office 365 environment then you will need to use App Passwords for some applications that don’t support Multi Factor Authentication like Outlook, or other email clients on mobile devices.
If you’ve forgotton your App Password or need to delete or create a new one, here is where to find them and how to create a new one.
I recently had to make some bulk changes to calendar permissions in Office 365, the client wanted the Default user permission to be set to Reviewer rather than AvailabilityOnly. So in this post I’ll walk you through how I went about making bulk permission changes to the Default user for the calendar folder for all users in Office 365.
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.