We've recently been hit with a lot of phishing emails where the from address of the email is spoofed and appears to come from some sort of IT or Security department in our domain. They usually will contain a link to a fake OWA site that looks
just like ours. Is there anything we can do to flag these spoofed emails and either prevent them from being delivered or mark them somehow so users are less likely to fall for them? We're already using FOPE in the cloud and FPE locally, but phishing
emails aren't always caught by spam filters. Is there anyway to check the originating IP or something like that? Or maybe something with certificates to prove that emails from this specific address are always IT and don't trust anythign that's
not? I'm reaching here, but I'm not sure what if any options we have. Thanks for any ideas.
↧
