Link to home
Start Free TrialLog in
Avatar of itwarlord
itwarlord

asked on

I have not thought of anything relevant.

I am trying to protect the email for a company.  abcsales.com.  someone has registered abcsales.net and is emailing all of the vendors.


I am wondering how I could stop this type of spoofing.


They registered the domain in Russia.  They setup an email server and they have copied the exact email structure including signature blocks.




SOLUTION
Avatar of CompProbSolv
CompProbSolv
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of itwarlord
itwarlord

ASKER

So far, three vendors have been targeted.  They have also purchased a second domain name.

This company ended up on the dark web with an RDP server credentials for sale.

they have had their On site Exchange server targeted.  I think they even might have had access to one of the billing computers/email account.  
I asked and they said they have thousands of vendors.  They have asked me to stop the other emails.
EXPERT CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I appreciate all of the advice.  It is nice to be validated.

ABCsales is just an example..  I prefer not to use the true domain name.

Again, Thanks Experts.  I will try to figure out how to split the points.

Bob


And yes, when I was brought into the mix I patched the Exchange Server and followed all steps to ensure it is not compromised.  

For best comments, provide URLs for your live site + the cloned site.

Sometimes, other... approaches can be suggested with real data...

Fake data... requires the most generic guessing...