Tag Archives: mail-flow

Office 365 / Exchange: Stop Display Name Spoofing

Office 365

Display Name Spoofing / Impersonation is a simple but effective way hackers will try and obtain information, divert funds, and defraud you and your staff.

The hackers will look for executives within your company and then create valid email addresses with their display names on common mailing platforms, and then send requests through requesting funds transferred, bank details etc.

In a busy workplace with only a glance at the display name it would be easy to action these requests without further thought.

The problem is this type of spoofing uses valid email addresses from valid domains, but with the same display name as executives, so mechanisms like SPF, DKIM and DMARC won’t pick them up.

However, by implementing a simple mail-flow rule, you can easily add a warning to this type of message which should prompt the end use to proceed with caution.

Here’s how to set it up.

Continue reading