Is this Phishing?

Is this Phishing? (Full Version)

All Forums >> [Microsoft Exchange 2000] >> Server Security

Message

prashanth15 -> Is this Phishing? (9.Jan.2006 8:02:53 AM)
Hi, I have Exchange 2000 running on Windows 2000 Server with Latest security patches from microsoft. Say for example the domain is xyz.com I keep receiving emails from mail@xyz.com,webmaster@xyz.com but there is no mail and webmaster accounts created in active directory. My server is not open relay also. how to prevent this? Appreciate your help on this. Regards, Prashanth

ashok -> RE: Is this Phishing? (9.Jan.2006 8:37:52 PM)
Prashant, We're also having the same issue, however out email filter catches this and drops the requests. I would still want to know how this is done and any possible way to correct it. Ash.

MAR -> RE: Is this Phishing? (9.Jan.2006 9:55:04 PM)
Yes it is a phishing technique. The from field is spoofed. Check the internet header(s) for the source IP (which may or may not be spoofed). One way to prevent this is to add a specific rule. For example, you can add a rule to drop/quarantine any msgs from webmaster/admin/etc. at the gateway. If you dont have any appliances in the DMZ that handle filtering, you can address this problem at the server level as well.

Page: [1]