Fraudulent Email similar to my domain

Anonymous
2024-11-24T21:19:58+00:00

I'm head of IT for my company and am facing an issue with fraudulent email. A fraudster created an email address similar to my domain address, defrauds customers and demands that they send money to your account, which led to a problem between my company and some customers. I need your support to block the mail from Hotmail.

Outlook | Web | Outlook on the web for business | Security

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

1 answer

  1. Anonymous
    2024-11-25T00:42:07+00:00

    Hello Ehab Sameih1,

    Good day! Thank you for reaching out to the Microsoft Outlook community.

    I understand how concerning and damaging fraudulent emails like these can be, and I’m here to help guide you through addressing this issue.

    It appears that a fraudster has created an email address resembling your company’s domain, misleading your customers and causing a serious breach of trust. This is a classic case of email spoofing, where attackers attempt to impersonate legitimate organizations to commit fraud.

    To better understand and investigate your problem, I can get some more detailed information from you:

    1. Could you please share the details of your Outlook version? Follow the steps in the article "Which version of Outlook do I have? - Microsoft Support" to check.
    2. Are you using your Microsoft 365 work account (@xxx.onmicrosoft.com/@yourdomain.com), a personal account (ending in outlook.com/hotmail.com/live.com/msn.com), or another third-party POP/IMAP account?

    Microsoft takes spoofing and fraudulent email activities very seriously. We’ll explore steps to block these malicious emails from reaching recipients and protect your domain’s reputation.

    Strengthen Your Domain with SPF, DKIM, and DMARC
    These email authentication protocols are crucial for preventing spoofing. Ensure your domain has correctly configured:

    • SPF (Sender Policy Framework): To specify authorized mail servers.
    • DKIM (DomainKeys Identified Mail): To add a digital signature.
    • DMARC (Domain-based Message Authentication, Reporting, and Conformance): To enforce email validation policies and receive reports of spoofing attempts.

    Work with your domain registrar or IT provider to verify and implement these configurations.

    Add to Blocked Senders List:

    • Click on the gear icon located at the top right corner of your inbox.
    • Select View all Outlook settings at the bottom of the menu.
    • Navigate to Mail > Junk email.
    • Under Blocked senders and domains, enter the fraudulent email address or domain and click Add. Make sure to save your changes.

    Report Fraudulent Emails to Microsoft

    Encourage your customers to report any suspicious emails directly to Microsoft as phishing:

    • In Outlook, select the email, go to Report Message, and choose Phishing.
    • Customers using other email providers can forward the email as an attachment to ******@phishing.microsoft.com.
    • It’s also advisable to report this fraudulent email to Microsoft. You can do this by selecting the email, clicking on Report junk, and then choosing Phishing. This helps Microsoft take action against such accounts.

    Block the Fraudulent Sender:

    • Open an email from the fraudulent sender.
    • Click on the three dots (More options) at the top of the email.
    • Select Block from the dropdown menu. This will prevent future emails from this sender from appearing in your inbox.

    Educate Your Customers
    Notify your customers about the fraudulent email. Share guidance on how to identify legitimate communications from your company (e.g., domain spelling, tone, or specific verification methods).

    Inform your customers about this issue through a direct communication channel, such as an official email or a notice on your website, advising them not to respond to or click on links from suspicious emails.

    Block the Fraudulent Email Address
    If the fraudulent address is consistently the same:

    • Set up a rule in your organization's email gateway to block it.
    • If you use Microsoft 365:
      • Go to the Exchange Admin Center (EAC) > Mail Flow > Rules.
      • Create a rule to block emails from that specific address or domain.

    Legal Action
    Work with local authorities or legal counsel to report the impersonation. You may also contact Hotmail support directly to request the fraudulent account be disabled.

    • Use Microsoft Defender for Office 365 for enhanced protection against phishing and fraud.
    • Monitor your DMARC reports to detect unauthorized usage of your domain.
    • Alert all employees and customers to verify the sender's details before taking action on financial matters.

    I hope this information helps address the issue and protects your customers and company moving forward. Please let me know if you need assistance implementing these solutions, and feel free to share updates on your progress.

    Please understand that our initial response may not always resolve the issue immediately. However, with your help and more detailed information, we can work together to find a solution.

    I appreciate your patience and understanding, and thank you for your time and cooperation. Have a nice day!

    Let me know how it goes! Thank you for joining the Microsoft community.

    Sincerely

    Microsoft Community Moderator
