• stoy@lemmy.zip
    link
    fedilink
    arrow-up
    17
    ·
    1 year ago

    I work in IT, and part of ITs duties is managing the enail filter and investigate emails detected or reported as phish or spam.

    We don’t normally see the actual email, but we get basically all the metadata, you can see all sender information, super useful when dickheads try to spoof the sender, we see all URLs in the emails, with a wuick summary of if it is a bad URL, attachments as well, they all get scanned and we get warnings about them if shit is bad.

    I take great pleasure in blocking senders and reporting spam/phishing to improve the global filters.

    If a bad email campaign has gone through the filter we have the tools to find the emails in the differebt mailboxes and delete them, the system is also capable of doing this automatically if it detects bad stuff after delivery.

    • nottheengineer@feddit.de
      link
      fedilink
      arrow-up
      8
      ·
      1 year ago

      Meanwhile microsoft’s exchange online can’t even prevent attackers from spoofing microsoft.com as the sender. I nearly got caught by a fake quarantine notification once. The thing that made me suspicious was that the fake login page only took a second to load. The real one is never that fast.

      The entire quarantine BS is trying to reinvent the wheel of the spam folder and causes a shitload of headaches for our internal IT.