Dear all,
I was just wondering about internal domain impersonating.
Senerio 1: Internal Domain of Company is: "Contoso.net" , External Domain is : "Contoso.com"
Company is not owning the domain "Contoso.net" . another company is owning this domain and trying to do phishing attack on this domain.
For Example: Internal site of VC is "VC.contoso.net" published also in the world as a phishing site (by the attacker) people in the organization will try to access this site with VPN connection and try again if VPN will lost connection. so if people will try to authenticate there password and user will be exposed is that correct ?
What can we do in this senerio? should I convert my internal domain to the external one (ADMT to a new domain with Contoso.com).
Is there a way to avoid this senerio?