Hi Paul. We see this a lot as well. We put together some information for our customers about this and other things we see frequently. I hope some of this can be useful to you and others in the community. I believe #2 is what you are experiencing, correct?
Different spammer techniques...
1.) [Valid User's name on your server (validuser@validdomain.com)] To prevent spoofing from your own domain, set up SPF / DMARC / DKIM on each of your domains using DNS.
2.) [Valid User's name on your server, but actually from spammer address (spammer@spammingdomain.com)] Preventing spoofing from another domain is difficult because, as in this example, how would software know that this is an invalid address? Below are some solutions:
a. Add another layer of security. Message Sniffer will catch most of these, but the ones that get through are because Message Sniffer did not have the signature of the spoof. This is the problem with all signature-based security products. By adding an additional layer, the hope is the second security product will catch the unwanted email. If you were to do this, our first suggestion would be CYREN antispam, as it is signatureless and works on traffic patterns. Again, it’s an extra layer which helps, but the question becomes cost vs return.
b. We can use Declude to block terms or similar.
c. User training. At the end of the line the user is the weak part of the chain. To fix this, users need to be able to identify phishing attempts. Here are some companies that help with that:
Here is some additional info you can use or share with your customers:
What’s the difference between Phishing and Spear Phishing?
- Phishing emails are sent to the general public. They often impersonate a government agency, bank, the IRS, social networking site or store like Amazon.
- Spear Phishing emails target specific individuals. They are personalized with facts about you or your business to draw you in. And they appear to come from a company or person you do business with. It could come in the form of an email from your CEO.
A Phishing or Spear Phishing Email:
- Is the one that you didn’t initiate.
- May contain strange URLs and email addresses.
- Often uses improper grammar and misspellings.
- Typically contains attachments that you don’t recognize as legitimate.
- Contains a link or email address that you don’t recognize.
- May use language that is urgent or threatening.
- Phishing and Spear Phishing are popular among cybercriminals because they usually succeed.
10 messages have a better than:
- 90% chance of getting a click.
- 8% chance of users clicking on an attachment.
- 8% chance users will fill out a web form.
- 18% chance that users will click a malicious link in an email.
- Even high-level executives get spoofed and share usernames and passwords.
The average cost of a Phishing Scam is $1.6 million. It’s a top security concern for businesses today:
- 1 in 3 companies are affected.
- 30% of Phishing emails get opened.
- Phishing is now the #1 vehicle for ransomware and other forms of malware.
Prevent being a victim of phishing or spear phishing. Here are 8 important things to remember:
1. Stay informed about phishing techniques. Different phishing scams are being sent out every day. Ongoing security awareness training should be a top priority for your organization.
2. Think before you click a link. Don’t click on links from random emails or text messages. Hover your mouse arrow over a link to see who sent it. Most phishing emails begin with “Dear Customer” so watch out for these. Verify the website’s phone number before placing any calls. Remember, the secure website always starts with “https.”
3. Never divulge personal information requested by email, such as your name or credit card number. Typically, phishing emails will direct you to a web page to enter your financial or personal information. When in doubt, visit the main website of the company in the email, and give them a call. And, never send sensitive information in an email to anyone. (A secure website always starts with “https”.)
4. Consider installing an anti-phishing toolbar and security tools. Some Internet browsers offer free, anti-phishing toolbars that can run quick checks on the sites you visit. If a malicious site shows up, the toolbar will alert you. They will drastically reduce the chances of hackers and phishers infiltrating your computer or your network.
5. Never download files from suspicious emails or websites. Double check the website URL for legitimacy by typing the actual address into your Web browser. Check the site’s security certificate. Also, beware of pop-ups as they may be phishing attempts. Your browser settings allow you to block pop-ups, where you can allow them on a case-by-case basis. If one gets through, don’t click on the “cancel” button as this is a ploy to lead you to a phishing site. Click the small “x” in the upper corner of the window, instead.
6. Get into the habit of changing your passwords often. You can also use a password manager like Dashlane or LastPass that will automatically insert new, hard-to-crack passwords for you.
7. Regularly check your online bank and credit card accounts. To prevent bank phishing and credit card phishing scams, you should personally check your statements regularly. Get monthly statements for your financial accounts and check every entry carefully to ensure no fraudulent transactions have been made without your knowledge.
8. Update your browsers to the latest version. Security patches are released in response to the vulnerabilities that phishers and hackers exploit. Don’t ignore messages to update your browsers, and download the updates as soon as they’re available.
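One way software can recognise the display-name spoof described in technique 2 above is to compare the From display name against a directory of real users. This is an added example, not part of the original post and not Declude or Message Sniffer configuration. The directory entries, the `classify` and `name_key` helpers and the sample messages are constructed for illustration; the domains are the placeholders used in the post.

```python
import unicodedata
from email import message_from_string
from email.utils import parseaddr

# Constructed directory: display name -> addresses that person really uses.
DIRECTORY = {
    "Jane Doe": {"jane.doe@validdomain.com"},
    "Paul Smith": {"paul@validdomain.com", "psmith@validdomain.com"},
}
LOCAL_DOMAINS = {"validdomain.com"}

def name_key(name):
    """Order-, case- and punctuation-insensitive key: 'DOE, Jane' == 'Jane Doe'."""
    folded = unicodedata.normalize("NFKC", name).casefold()
    return tuple(sorted(folded.replace(",", " ").replace(".", " ").split()))

KNOWN = {name_key(n): addrs for n, addrs in DIRECTORY.items()}

def classify(raw_message):
    """Return 'own-domain', 'display-name-spoof' or 'no-match' for one message."""
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    addr = addr.lower()
    if addr.rpartition("@")[2] in LOCAL_DOMAINS:
        # Technique 1 territory: SPF/DKIM/DMARC decide whether this is genuine.
        return "own-domain"
    # Display name is itself a local address hiding an outside sender.
    if "@" in display and display.lower().rpartition("@")[2].strip() in LOCAL_DOMAINS:
        return "display-name-spoof"
    # Display name matches a real user, but the address is not one of theirs.
    addrs = KNOWN.get(name_key(display))
    if addrs is not None and addr not in addrs:
        return "display-name-spoof"
    return "no-match"

# Constructed sample messages (headers only matter here).
SAMPLES = [
    'From: "Jane Doe" <spammer@spammingdomain.com>\nSubject: Invoice\n\nhi',
    'From: "DOE, Jane" <spammer@spammingdomain.com>\nSubject: Invoice\n\nhi',
    'From: "jane.doe@validdomain.com" <spammer@spammingdomain.com>\n\nhi',
    'From: Jane Doe <jane.doe@validdomain.com>\nSubject: Lunch\n\nhi',
    'From: Newsletter <news@example.org>\nSubject: Weekly\n\nhi',
]

if __name__ == "__main__":
    for raw in SAMPLES:
        print(classify(raw), "|", raw.splitlines()[0])
```

A user who legitimately writes from an outside address would also be flagged until that address is added to their directory entry.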