Avatar of yballan
yballan
Flag for United States of America asked on

Email spoofing

Dear Experts,
My client has regular pop3 email boxes from Godaddy, which recently have been spoofed.  Basically, someone is sending emails using their email addresses requesting payments or loans.  I changed their passwords, scanned their machines, and am pretty sure these emails are not coming from my clients' PCs.  After I spoke to Godaddy, they recommended I switch to Office 365 email boxes because of encryption.
What I am skeptical about is, if all they are using is the email addresses that they know exist, how does encryption of the email stop this type of spoofing?  It feels as though someone just saw my name on the website, and decided to use that name to register for something.
Unless my name itself is encrypted, I cannot stop that person from impersonating me, so why does encrypted email stop spoofing?
Please advise.
Microsoft 365AntiSpamPC

Avatar of undefined
Last Comment
John

8/22/2022 - Mon
SOLUTION
John

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Tom Cieslik

Very simple.
GoDaddy has installed security key verification like DKIM or other on their Office365 and this key is compared to their DNS. SO no one can duplicate settings and send emails from different server pretending is coming from GoDaddy.

This settings can only be implemented on ActiveSynch servers and can;t on old pop3 servers.

I think in your case someone just duplicated your pop3 settings and modified his header to looks like legit email from pop server from Godaddy.
That's why email it looks like legit.

If you going to move to ActiveSynch server you'll be safe
John

That is what spam filtering does and none of this stuff lands in my inbox.
Adam Brown

Moving to o365, in itself, won't stop spoofing. It will, however, net godaddy significant commissions on your licensing.

You also may not be getting spoofed. If the credentials for any of the godaddy accounts are compromised, they can be used to send email legitimately. So make sure your passwords are secure.

Moving to o365 will, however, give you better security controls. Multi  factor authentication helps limit unauthorized use. Dkim and spf provide methods for recipients to verify that emails are sent from you and not spoofed. Pop and imap don't allow these.

For info, godaddy o365 is not different than Microsoft's o365. It is just o365 with godaddy providing tech support.
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
ASKER CERTIFIED SOLUTION
Mal Osborne

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
SOLUTION
David Favor

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
yballan

ASKER
Dear Experts,

Thank you for very well rounded advises/insights to this problem.
I will get SPF records, this has been a great education for such wide spread problem.

I really appreciate your comments.
John

You are very welcome and I was happy to help