This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 25%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
Recently, some employees of my organization received couple of phishing email from internal email addresses. I found out that spoofed messages may originate from someone or somewhere other than the actual address. However, they thought that they had to click on the link which hacker sent since the sender is valid. However, I could see any solution to prevent these dangerous emails. Please let me know if I should configure something in Exchange Server to block this kind of threat.
What are you using for anti-spam? Thats where this should really be handled. Third party or 365/EOP is much better than trying to do this with Exchange or using the built-in anti-spam features.
Otherwise, I would create a transport rule and block the messages that way. Be sure to exclude any IPs of sending servers that may be allowed to send as your domain..https://support.knowbe4.com/hc/en-us/articles/212679977-Domain-Spoof-Prevention-in-Exchange-2013-2016-Office-365
You should also have a valid SPF record at minimum (DKIM and DMARC even better) and you can checking for that with your anti-spam solution.
Thanks for your answer. I use no third party tool to do it. I did it using Exchange but as you mentioned it's much better to have a third party tool. I didn't see EOP in my O365 package. Should I purchase it separately? What is the best tool to defend against Phishing&Spam emails?
Yes, personally I would look at EOP/ATP. Its very powerful and getting better all the time. It will also allow you to leverage DKIM for outbound mail
If you dont have it already, it can purchase it
See if this article helps: https://www.codetwo.com/admins-blog/how-to-prevent-internal-email-spoofing-in-exchange/. It shows how to prevent email spoofing in an Exchange organization.