Scam Alert : Your account has been hacked Posted by on 13 November 2018 08:08 PM
|
|||||||||
What is scam mail? How can you tell? Asks for personal details Recently you might have noticed emails with the below subjects: Security Alert. Your account has been hacked. Password must need to be Changed. For Example, please refer the below screen-shot:
Case 1 : The mail can be a spoofed mail with a Scam content
1. What is spoofing?
Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual sender. 2. How to identify a spoofed mail?
Sample header: “Received-SPF: Softfail (domain owner discourages use of this host)” 3. How to find the Header of an Email? Refer the following documentation for the steps: https://mxtoolbox.com/public/content/emailheaders/ Solution to the Spoofing Issue on our Infrastructure:
NOTE: If you are sending emails from any other provider then please include the sending server details in the SPF record.
Case 2: Scam mail coming from a different Email account. 1.What should you do next?
For example: If you get a scam mail from super@onlyfordemo.com, you can contact the “ Registrar Abuse Contact Email: [email protected] “ and raise your concern. The abuse contact email account for a domain can be fetched from the above-mentioned URL.
FAQs 1. Are our Email accounts compromised? No. Your email accounts are not compromised. The emails you are getting is either a spoofed mail or a Scam mail. 2. Is our server Identifying the mail as SPAM? Yes. Our server is identifying the mail as spam and the emails are landing in SPAM/JUNK folder. If you check the header of the mail then you can find the mail tagged as “X-CMAE-Score: 100”. 3. How can we avoid spoofed mail? We can avoid this by updating the Strict SPF record in the Zone file of the domain. By updating the strict SPF record, the recipient mail server will reject the mails from unauthorized senders. 4. How to tell if an email is a scam?
5. Can we completely avoid scam mail reaching the INBOX? No, In every case the scammer may use different subject and the different body, so creating a filter globally won't help, it can also block legitimate emails.
| |||||||||
|