BenBoaron-3174 asked DaisyZhou-MSFT commented

Impersonating Internal Domain

Dear all,
I was just wondering about internal domain impersonation.
Scenario 1: The internal domain of the company is "Contoso.net"; the external domain is "Contoso.com".
The company does not own the domain "Contoso.net". Another company owns this domain and is trying to carry out a phishing attack on this domain.
For example: the internal site of VC is "VC.contoso.net", which is also published to the world as a phishing site (by the attacker). People in the organization will try to access this site over a VPN connection and will try again if the VPN loses its connection. So if people try to authenticate there, their password and username will be exposed. Is that correct?
What can we do in this scenario? Should I convert my internal domain to the external one (ADMT to a new domain with Contoso.com)?
Is there a way to avoid this scenario?

windows-active-directory
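
The exposure described in the question can be measured from a machine that is off the VPN: if an internal hostname gets a public DNS answer pointing outside the corporate address ranges, a disconnected client will reach someone else's server. The following is an added example, not part of the original post; the hostnames other than VC.contoso.net, the address ranges and the sample DNS answers are constructed assumptions.

```python
import ipaddress
import socket

# Assumption: address ranges used inside the corporate network (constructed).
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def system_resolver(name):
    """Resolve with the OS resolver. Run this off the VPN so public DNS answers."""
    try:
        infos = socket.getaddrinfo(name, None)
    except socket.gaierror:
        return []  # name does not resolve publicly
    # Drop any IPv6 zone suffix ("%eth0") before returning the address strings.
    return sorted({info[4][0].split("%")[0] for info in infos})

def classify(addresses, internal_nets=INTERNAL_NETS):
    """Classify the answers an off-VPN client received for an internal name."""
    if not addresses:
        return "no-public-answer"      # client fails closed when the VPN drops
    ips = [ipaddress.ip_address(a) for a in addresses]
    if all(any(ip in net for net in internal_nets) for ip in ips):
        return "internal-address"      # answer points back into corporate ranges
    return "EXTERNAL-COLLISION"        # client would connect to an outside host

def audit(names, resolver=system_resolver):
    """Return {hostname: verdict} for every internal hostname in names."""
    return {name: classify(resolver(name)) for name in names}

# Constructed sample of what public DNS might return for internal names.
SAMPLE_PUBLIC_DNS = {
    "vc.contoso.net": ["203.0.113.25"],   # documentation-range address
    "intranet.contoso.net": [],
    "files.contoso.net": ["10.20.0.8"],
}

def sample_resolver(name):
    """Offline stand-in for system_resolver, backed by the constructed sample."""
    return SAMPLE_PUBLIC_DNS.get(name, [])

if __name__ == "__main__":
    for name, verdict in audit(SAMPLE_PUBLIC_DNS, sample_resolver).items():
        print(f"{name:24} {verdict}")
```

Calling `audit(names)` without a resolver argument uses the operating system's resolver, so the result reflects whatever DNS the machine is using at that moment.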

DSPatrick answered

Some possibilities here.
https://docs.microsoft.com/en-us/windows/security/identity-protection/vpn/vpn-authentication

--please don't forget to upvote and Accept as answer if the reply is helpful--



DaisyZhou-MSFT answered

Hello @BenBoaron-3174,

Thank you for posting here.

When the website is being attacked by the attacker, you can temporarily disconnect the VPN or temporarily avoid visiting this website.

If you find that your account and password may be attacked, you must set the password complexity and account lock policy in advance.

It is recommended to strengthen domain network security.

Hope the information above is helpful.

Should you have any question or concern, please feel free to let us know.


Best Regards,
Daisy Zhou

============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.


DSPatrick answered

Just checking if there's any progress or updates?


BenBoaron-3174 answered DaisyZhou-MSFT commented

I just want to know if that's a possible scenario, and if there is something else to do about this instead of changing the internal domain to be like the domain that I own?


Hello @BenBoaron-3174,

Thank you for your update.

Not sure if the scenario will happen. We suggest network safety protection work.

Should you have any question or concern, please feel free to let us know.


Best Regards,
Daisy Zhou
