Stop Receiving Messaged Spoofed to Appear to be From Your Domain in Office 365

Many organizations have their email hosted with Office 365 and sometimes an email will get through that appears to be from someone in the company when in fact it is not. So how did an email that was fake make it through the email filters?

There are times when organizations like to leave this option open for mass mailings, newsletters, surveys, and the list goes on.

But in today’s day and age of hackers using social engineering to “Trojan Horse” their way into the organization, I feel it is best to tighten this down.

Marketing can send the surveys to an external address if they want to test. I’d rather inconvenience them for the sake of protecting data and systems.

There are two ways that you can accomplish this task. The first is within the Office 365 Admin Center and the other involves adding a DKIM record with your hosting provider.

This article will explain the Office 365 tools. For adding DKIM records you can reference this article.

Here is how to block senders from outside your organization from using your email address to send emails to your employees:

Go to your Office 365 Admin Center

Choose the Exchange Admin Center

Select “mail flow” on the left side of the screen
Click on the + sign to add a new rule

Click to select “Create new rule…”

Chose a name for this rule such as Spoof Rule

Under “Apply this rule if…” click to select “The sender is located…” Then choose “Outside the organization” and click OK

Under “Apply this rule if…” click to select “The sender is located…” Then choose “Outside the organization”, then enter yourdomain.com as the specific words and click OK

Now choose the “More options…” link located at the bottom left and click on “add condition

Click the drop down of the condition and select “the recipient is” and select “domain is” from the expanded list.

Now select the action. I choose “Block the message” then “delete the message without notifying anyone”. The reason I choose this is if someone is pretending to be from our organization, there is no need for me to let them know they hit a good address.

Short of spammers spoofing your spf records, which is rare, this should block people from pretending to be from your organization.

Now you just have to warn the receptionist to be on alert for people calling pretending to be someone from the company.

.

We at Advanced Systems Solutions have helped many organizations protect themselves from harm. If you’re looking for a support company to help keep you safe, with unmatched customer service, please contact us. We love to help!

.

Like our Facebook page by clicking on the icon at the top right of this page to stay up to date with current alerts and information!

Disclaimer: The above information is not intended as technical advice. Additional facts or future developments may affect subjects contained herein. Seek the advice of an IT Professional before acting or relying on any information in this communiqué.