We have faced two instances where client the scenario goes like this
An email is received by the bookkeeper or the finance team member pretending from the Director.
The email is actually sent using a random with display email and name of the Director which any non-technical person can not find the difference other than the Signatures not being there.
My questions is:
1) How do they manage to get the names so right including the director
2) We have SPF setup for Strict settings, how can we prevent this?
Any ideas will be appreciated.