Avatar of isdd2000
isdd2000
 asked on

Targeted email attacks

Hi Experts,

I have an issue were my domain is subject to a targeted email attack where they are using a similar domain name to impersonate them for example we are domain.com.au and they use domian.com for example. I have contacted the domain registra and they have canceled the account for domian.com but the domain will be available for purchase.

How do i stop this from happening.
SecurityEmail ClientsEmail Servers

Avatar of undefined
Last Comment
isdd2000

8/22/2022 - Mon
John

Unless you wish to buy up all of domain.xy,tf or whatever, you cannot. People can purchase whatever domain they wish that is not owned. You have to purchase what you do not want sold to others.
McKnife

A "targeted e-mail attack" would usually mean, someone of your company is being sent malware specifically appealing to him, like some attachment that has indeed a title that is of interest for his business.

What type of attack are you seeing? What has that to do with the domain name similarity?
isdd2000

ASKER
Hi McKnife,

What we are seeing is someone is using a domain name similar to ours but miss spelled in an attempt to trick our customers in changing the bank details on record for us. So when they go to pay an invoice they pay it to the wrong bank account, the hackers. Using this similar domain name and posing as legitimate staff members.
Your help has saved me hundreds of hours of internet surfing.
fblack61
McKnife

Ah, right.
You could only tell the authorities about it or, like you already did, the domain registra.
All customers should be aware that e-mail addresses can be faked. So they even could use your name with the correct spelling. If your clients wish to have secured and authenticated communication, use certificates and encrypted mails, no way around it.
ASKER CERTIFIED SOLUTION
Dave Howe

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
isdd2000

ASKER
I managed to get the fraudulent domains block, the domain registrar was asking for a court order to release the info they have on file so waiting on that. I've also reported it to the Australian cyber crimes commission or something like that.