Troubleshooting and Identifying Spoofing Attacks

Even with technologies like SPF, DMARC, and DKIM, spoofing and phishing attacks are still extremely prevalent. Some of these attacks can be stopped with properly configured SPF, DMARC, and DKIM, where as others need to be targeted with end user education. This isn’t so much of a how to article, but more of a document…

3

Outbound DKIM signing in Office 365

Every week I work with multiple customers that have experienced phishing attacks where their own domain has been spoofed by the attacker. The conversation always revolves around implementing SPF (Sender Policy Framework) and DMARC (Domain-based Message Authentication, Reporting, and Conformance) to secure their domain. For organizations that cannot use SPF because of its limits (the…

5

Using DMARC to Prevent Spoofing

UPDATE: Exchange Online now suppports outbound DKIM signing.   I have recently seen a large number of cases where an organization’s own domain was spoofed to send that company phishing messages. This isn’t all that uncommon, but what was concerning for me was the method used in these cases to do the spoofing. In these cases,…

9