This document explains how you deal with spoofing and phishing e-mails.
Document 5708 ¦ Last updated: 02/15/2017 ACN
If you're receiving suspicious e‑mail that indicates it is from your account, from another reputable source like a la mode, or you're receiving "delivery failure" message that appear to be from someone at a la mode then you've been hit with an e‑mail spoofing or e‑mail phishing attack. Sometimes the messages even appear to be from an imaginary address on your domain.
Here are some important things to know about suspicious e‑mail that you receive:
Most legitimate businesses will never use e‑mail as a means to request account information. Don't ever provide personal information via e‑mail without verifying the request is legitimate.
Reminder: a la mode will never ask for your password via e‑mail.
There's not much that can be done to prevent "spoofing" and "phishing" attacks. For these types of attacks, we recommend:
Phishing Attacks - Install Antivirus Software & Keep It Updated
Many e‑mail attacks this are spread through virus programs that can infect your computer. Running antivirus software with the latest updates is one of the most effective ways to protect yourself from becoming a victim, or possible source, of SPAM attacks.
Spoofed e‑mail - Enable a SPF Record for Your CertMail Domain
A Sender Policy Framework (SPF) record helps prevent "spoofed" e‑mail messages. A SPF record allows other e‑mail servers to identify and reject e‑mails using a forged FROM address by specifying what servers are authorized to transmit e‑mail for that domain.
a la mode can enable SPF records for customers having problems with receiving "spoofed" e‑mail messages. However, SPF records will only work under very specific circumstances. Contact our Technical Support department if you're interested in adding a SPF record to your CertMail domain. We can help determine if this is a viable solution for you.