itwarlord asked:

I have not thought of anything relevant.

I am trying to protect the email for a company, abcsales.com. Someone has registered abcsales.net and is emailing all of the vendors.


I am wondering how I could stop this type of spoofing.


They registered the domain in Russia. They set up an email server and they have copied the exact email structure, including signature blocks.




Cyber Security* email spoof

Last Comment: David Favor, 8/22/2022 - Mon
SOLUTION
CompProbSolv

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
itwarlord

ASKER
So far, three vendors have been targeted.  They have also purchased a second domain name.

This company ended up on the dark web with an RDP server's credentials for sale.

They have had their on-site Exchange server targeted. I think they even might have had access to one of the billing computers/email accounts.
I asked and they said they have thousands of vendors.  They have asked me to stop the other emails.
EXPERT CERTIFIED SOLUTION
David Johnson, CD

SOLUTION
CompProbSolv

ASKER CERTIFIED SOLUTION
David Favor

itwarlord

ASKER
I appreciate all of the advice.  It is nice to be validated.

ABCsales is just an example. I prefer not to use the true domain name.

Again, thanks, Experts. I will try to figure out how to split the points.

Bob


itwarlord

ASKER
And yes, when I was brought into the mix I patched the Exchange Server and followed all steps to ensure it is not compromised.  

David Favor

For best comments, provide URLs for your live site + the cloned site.

Sometimes, other... approaches can be suggested with real data...

Fake data... requires the most generic guessing...