This “forged sender” technique is typically how those emails purporting to be from the CFO and ordering expediting payment to a vendor (really the scammer who sent the email in the first place) cause so much trouble the poor accounting clerk thinks s/he is replying to the CFO, but is really replying to the scammer. This is because the “From:” portion of an email can be easily forged, but the recipient will have the correct email address for the sender in their Address Book. When a user receives an email from someone they know, but the email seems suspicious, DO NOT REPLY to the email! Instead, train your users to FORWARD the email to the (alleged) original sender. Anti-spam will never be perfect, so users need to be trained when to pause, take a deep breath and think before they open or reply to an email.
Once again, we cannot overemphasize the need for periodic end-user training. In this blog post, continuously updated since March 2019, we describe how we supplement the various open-source anti-spam capabilities that ship with Zimbra with three commercial block list providers for a low-cost, high-impact solution. In the intervening eight years, a lot has changed, but unfortunately email remains the number one attack vector for malware, phishing, whaling and other scams.
Back in 2014 I wrote a good chunk of the Zimbra Anti-Spam Strategies community wiki.
0 kommentar(er)
