DARSHAN DIORA
asked on
Email security isues
We are using Microsoft 365 - Outlook.
Recently we are facing issues like email send from many of customers are seems to be from different email users may be hacker.
Like earlier original mail from one customer purchase@mesco.in and now i checked its from purchase.mesco.in@mail.com. when we send proforma invoice to our customer they receive with different bank details than us due to this same one of customer transferred the payment to this fraudster. How can we resolve this.
Best Regartds
Darshan
Recently we are facing issues like email send from many of customers are seems to be from different email users may be hacker.
Like earlier original mail from one customer purchase@mesco.in and now i checked its from purchase.mesco.in@mail.com. when we send proforma invoice to our customer they receive with different bank details than us due to this same one of customer transferred the payment to this fraudster. How can we resolve this.
Best Regartds
Darshan
ASKER
Hi,
we are using Microsoft 365 and having cloud based emails and no server control Kindly explain where its has to be implemented
we are using Microsoft 365 and having cloud based emails and no server control Kindly explain where its has to be implemented
ASKER
Office 365 is just installed on the Desktop but email taken from Bigrock. Kindly explain in detials where it has to be implemented
You will need to inform your customers that invoices will only come from your domain name. Example, invoices@<yourdomain.com>
Since you are using Microsoft365, it should help generate the needed spf record for your domain, but as Hayes Jupe mentioned, you should also look at setting up your DKIM and DMARC records after your spf is confirmed. I advise you work with your current DNS/Domain name provider to help you with this.
Since you are using Microsoft365, it should help generate the needed spf record for your domain, but as Hayes Jupe mentioned, you should also look at setting up your DKIM and DMARC records after your spf is confirmed. I advise you work with your current DNS/Domain name provider to help you with this.
ASKER
Hi
Can any tweak possible at desktop level to resolve this issue as we have Quick heal antivirus updated and windows 10 updated yesterday.
Can any tweak possible at desktop level to resolve this issue as we have Quick heal antivirus updated and windows 10 updated yesterday.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
https://www.experts-exchange.com/questions/29215065/Need-to-minimize-risk-in-my-choices-of-a-CRM-Click-Funnels-Mail-Typeform-etc.html provides detail about this type of setup, including how to use the Port25 verifier.
My bet is some of your users are getting compromised. On top of the controls that have been suggested here, you need a better password policy, along with multi factor authentication.
when we send proforma invoice to our customer they receive with different bank details than us
what generates the proforma invoice? What is the path from generation to the reception by the client? You can only do so much at your end and the client also has to take responsibility as well.
what generates the proforma invoice? What is the path from generation to the reception by the client? You can only do so much at your end and the client also has to take responsibility as well.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
advise your clients to also implement these.
Organisations not having the basics implemented (at least SPF and reverse lookup as a minimum) is a disaster waiting to happen.