[UI] Simple Change to help users w/Phishing
Idea shared by kevind - 3/4/2020 at 7:45 AM
Completed
Phishing is a problem that is getting worse:

Here's a simple enhancement to help users identify phishing messages. When the email address is not in the user's contact list or GAL, display the full email address next to the friendly name.

Current ->     From: Joe Biden
Proposed -> From: Joe Biden <joe@this-is-a-scam.xyz>

Gmail and other mail systems currently do this.

Thanks,
Kevin

10 Replies

+1
Gabriele Maoret - Head of SysAdmins at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
+11
+111
+1
Matt Petty Replied
Employee Post
I'll add this as a discussion topic for next week. This seems like an easy way to show unknown addresses. We also have protections in place if they attempt to use an email address as a display name but that doesn't cover them using a known or trusted name.
Matt Petty Senior Software Developer SmarterTools Inc. www.smartertools.com
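The rendering rule proposed in the original post, combined with the display-name check Matt mentions, as an added Python example (not SmarterMail's code). The contact/GAL lookup is assumed to be a plain dictionary of known addresses to names, and the sample headers are constructed:

```python
import re
from email.utils import parseaddr

# Matches something that looks like an email address inside a display name.
EMAIL_LIKE = re.compile(r"[^@\s<>]+@[^@\s<>]+\.[^@\s<>]+")


def render_from(header, known_contacts):
    """Return (display_text, warning) for a raw From: header value.

    known_contacts maps lowercase address -> display name, standing in for
    the user's contact list or GAL (assumed structure, not a real directory).
    """
    name, addr = parseaddr(header)
    name = name.strip()
    if "@" not in addr:
        # Nothing usable to compare against; show the raw value and flag it.
        return (header.strip(), "unparseable sender")
    if addr.lower() in known_contacts:
        # Known sender: the friendly name alone is enough (current behaviour).
        return (name or addr, None)
    if not name:
        return (addr, "unknown sender")
    # Unknown sender: always show the full address next to the friendly name.
    shown = f"{name} <{addr}>"
    # Display name that is itself an address (the existing protection).
    if EMAIL_LIKE.search(name):
        return (shown, "display name contains an email address")
    # Display name copies a trusted contact's name from a different address,
    # the case the existing check does not cover.
    known_names = {n.lower() for n in known_contacts.values()}
    if name.lower() in known_names:
        return (shown, "display name matches a contact but address does not")
    return (shown, "unknown sender")


if __name__ == "__main__":
    contacts = {"joe@example.com": "Joe Biden"}  # constructed sample GAL
    for hdr in ("Joe Biden <joe@example.com>",
                "Joe Biden <joe@this-is-a-scam.xyz>",
                '"joe@example.com" <attacker@this-is-a-scam.xyz>'):
        print(render_from(hdr, contacts))
```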
Employee Replied
Employee Post
This feature has been implemented and will be available in the next beta release.
Robert, thank you! This will be very beneficial to all of your customers.

Coincidentally, today we had a phishing attack on one of our domains! Hundreds of users got an email that appeared to come from within the domain. It told them to upgrade their mailbox by clicking a link that took them to this site:

It's an exact replica of a SmarterMail login! Needless to say we've been busy dealing with phone calls and changing passwords. This enhancement will mitigate this in the future.

Kevin
Yes, a replica of an old SmarterMail login page. It seems they try to phish only users up to SM 15.x.
Sébastien Riccio System & Network Admin https://swisscenter.com
Looks like the phishers are exploiting a SM15 vulnerability with the web UI to make it appear it was sent from within the domain. Even when you hover/click on the From address, it shows an internal address. Email clients show the true external sending address.
Great idea.