Overview
A common phishing method is to “pretend” that an email was sent from your own domain, even though it actually comes from a fraudulent sender.
Unfortunately, email was designed well before these fraudulent methods were considered, so it has numerous weaknesses when it comes to ensuring the integrity of messages. The additional security features are largely afterthoughts rather than integral parts of the system.
Prevention Methods
To help ensure that only legitimate emails can be sent from your domain, the two critical areas are:
- SPF: SPF Guide (ensuring hard fail is used)
- DKIM: Enabling DKIM Signing
Optionally, you can also enable DMARC, which adds reporting and lets you configure receivers to reject emails that fail these checks.
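The following script is an added example, not part of this article or of any vendor's tooling. It checks the three DNS TXT records the article refers to for the policy strength recommended above: an SPF record ending in hard fail (the "-all" mechanism), a DKIM selector record that actually publishes a public key, and a DMARC record whose policy is reject. The records it parses are constructed samples for the reserved domain example.com (with a documentation IP range and a placeholder DKIM key); in practice you would feed it the TXT records fetched from DNS for your own domain.

```python
"""Check the strength of a domain's anti-spoofing DNS records (added example).

Parses SPF, DKIM and DMARC TXT records passed in as strings and reports
whether each meets the recommended policy: SPF ending in '-all' (hard fail),
a DKIM public key published for the selector, and DMARC set to p=reject.
"""
from dataclasses import dataclass, field

# Constructed sample records for example.com (not real DNS data).
GOOD_SPF = "v=spf1 ip4:192.0.2.0/24 include:_spf.mail.example -all"
GOOD_DKIM = "v=DKIM1; k=rsa; p=PLACEHOLDER_BASE64_PUBLIC_KEY"  # placeholder key
GOOD_DMARC = "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com"

# Constructed weak counterparts: soft fail, revoked key, monitor-only policy.
WEAK_SPF = "v=spf1 ip4:192.0.2.0/24 ~all"
WEAK_DKIM = "v=DKIM1; k=rsa; p="  # empty p= means the key is revoked (RFC 6376)
WEAK_DMARC = "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com"


@dataclass
class PolicyReport:
    spf_hard_fail: bool
    dkim_published: bool
    dmarc_reject: bool
    problems: list = field(default_factory=list)


def parse_spf(record):
    """Return the qualifier of the SPF 'all' mechanism ('-', '~', '?', '+') or None.

    SPF terms are space separated; the 'all' mechanism decides what happens to
    mail from hosts not listed. Only '-all' (hard fail) tells receivers to
    reject such mail outright; '~all' is a soft fail, '?all' is neutral.
    """
    if not record.lower().startswith("v=spf1"):
        return None
    for term in record.split()[1:]:
        if term[0] in "+-~?":
            qualifier, mechanism = term[0], term[1:]
        else:
            qualifier, mechanism = "+", term  # '+' is the default qualifier
        if mechanism.lower() == "all":
            return qualifier
    return None  # no 'all' term: unlisted senders are treated as neutral


def parse_tags(record):
    """Parse a 'tag=value; tag=value' record (DKIM key or DMARC) into a dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def evaluate(spf, dkim, dmarc):
    """Evaluate the three records and list anything weaker than recommended."""
    report = PolicyReport(spf_hard_fail=False, dkim_published=False, dmarc_reject=False)

    qualifier = parse_spf(spf)
    report.spf_hard_fail = qualifier == "-"
    if not report.spf_hard_fail:
        if qualifier:
            report.problems.append(f"SPF ends in '{qualifier}all'; use '-all' for hard fail")
        else:
            report.problems.append("SPF record missing or has no 'all' mechanism")

    dkim_tags = parse_tags(dkim)
    report.dkim_published = bool(dkim_tags.get("p"))
    if not report.dkim_published:
        report.problems.append("DKIM selector publishes no public key (empty p= is a revoked key)")

    dmarc_tags = parse_tags(dmarc)
    policy = ""
    if dmarc_tags.get("v", "").upper() == "DMARC1":
        policy = dmarc_tags.get("p", "").lower()
    report.dmarc_reject = policy == "reject"
    if not report.dmarc_reject:
        report.problems.append(
            f"DMARC policy is '{policy or 'missing'}'; set p=reject once SPF and DKIM "
            "pass for all legitimate mail")
    return report


if __name__ == "__main__":
    for label, records in (("good", (GOOD_SPF, GOOD_DKIM, GOOD_DMARC)),
                           ("weak", (WEAK_SPF, WEAK_DKIM, WEAK_DMARC))):
        result = evaluate(*records)
        print(label, result)
```

Moving straight to p=reject can break legitimate mail from any sender you forgot to list in SPF or to sign with DKIM, which is why the DMARC problem message above suggests reaching reject only after the aggregate reports (rua=) show all legitimate sources passing.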