Hey folks, I'm looking for a reliable method to create a mail flow rule that flags impersonation emails. Specifically, I'm seeing a lot of emails appearing from external domains using the same display name as our internal staff members. For instance, emails from addresses like [email protected] are causing issues because the display name matches our own employees, likely gathered from places like LinkedIn. It would be awesome if I could either reject these emails outright or at least flag them for further review. Any suggestions? Thanks!
2 Answers
First off, make sure you aren't whitelisting domains that send emails like this. If you aren't whitelisting, you're good there! You could look into a combination of spam filters and specific mail flow rules to catch these impersonation attempts. Have you checked any blogs or guides on the anti-phishing settings for your email platform? They usually have useful info on how to set up rules for such situations.
You might want to consider using services like Mimecast for additional protection. While I haven't personally set it up with Office 365, I've heard from others that it provides solid support against these types of emails. There's also a resource I found that talks about Anti-Phishing policies—might give you some good strategies to implement. Here's the link if you're interested: [link].
I haven't done that yet, but I’ll definitely check it out! Thanks for the tip!
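
The check the question asks for (an external sender whose display name matches an internal employee), written out as an added example; it is not from any of the posts above and is not a mail platform's own rule syntax. The internal domain, staff names and sample messages are constructed for illustration.

```python
import unicodedata
from email import message_from_string, policy

# Constructed values for this example: internal domains and a staff directory.
INTERNAL_DOMAINS = {"example.com"}
STAFF_NAMES = ["Jane Smith", "Robert O'Neil"]

def normalize(name):
    """Fold case, Unicode compatibility forms (e.g. full-width letters),
    punctuation and word order, so 'SMITH, Jane' equals 'Jane Smith'."""
    text = unicodedata.normalize("NFKC", name).casefold()
    tokens = "".join(c if c.isalnum() else " " for c in text).split()
    return " ".join(sorted(tokens))

STAFF_KEYS = {normalize(n) for n in STAFF_NAMES}

def classify(raw_message):
    """Return 'flag' if an external From address uses a staff display name."""
    msg = message_from_string(raw_message, policy=policy.default)
    for header in msg.get_all("From", []):
        for sender in header.addresses:  # display names arrive RFC 2047-decoded
            if sender.domain.lower() in INTERNAL_DOMAINS:
                continue  # sent from our own domain: not this rule's concern
            if sender.display_name and normalize(sender.display_name) in STAFF_KEYS:
                return "flag"
    return "pass"

# Constructed sample messages (headers only).
SAMPLES = {
    "spoof": 'From: "Smith, Jane" <jsmith.ceo@mail.example.net>\nSubject: Urgent\n\n',
    "encoded": "From: =?UTF-8?B?SmFuZSBTbWl0aA==?= <j@mail.example.net>\nSubject: Hi\n\n",
    "internal": "From: Jane Smith <jane.smith@example.com>\nSubject: Notes\n\n",
    "stranger": "From: Alex Vendor <alex@vendor.example.org>\nSubject: Quote\n\n",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, classify(raw))
```

Exact matching after normalization does not catch homoglyph substitutions such as Cyrillic letters, and a staff member writing from a personal external address will also match, so a hit is better used to tag or hold a message for review than to reject it outright.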