What can I do to stop spammers using my company name in email from field?
Summary
What email marketers say
9 marketer opinions
Email marketer from Mailjet recommends implementing strong authentication methods (SPF, DKIM, DMARC) and closely monitoring your domain reputation. If you discover misuse, contact the relevant authorities (e.g., abuse departments of ISPs) with evidence.
Expert from Email Geeks also suggests that examining the links may show you who is profiting, and recommends researching your own affiliate reporting to find the source.
Email marketer from Email Marketing Forum recommends that you educate your customers about the potential for email scams and provide clear information on how to verify the legitimacy of emails they receive from your company.
Email marketer from Spamhaus recommends regularly auditing your email infrastructure and security protocols, ensuring that any vulnerabilities that could be exploited by spammers are promptly addressed.
Expert from Email Geeks recommends enabling DMARC with an enforcing policy to help mitigate spoofing that does involve your domains, and also applying it to parked/unused domains.
Email marketer from Cloudflare states that using strong email authentication standards (SPF, DKIM and DMARC) is critical for domain protection and building sender reputation. Also recommends looking into BIMI.
Email marketer from Reddit suggests contacting your email provider to see if they can implement any additional filtering rules based on the content or patterns of the spam emails using your name. Also suggests notifying your customers directly.
Email marketer from Neil Patel advises monitoring online mentions of your brand, setting up Google Alerts, registering variations of your domain name, and using social media monitoring tools to catch instances where your brand name is being misused in email.
Email marketer from SendGrid says that using SPF, DKIM, and DMARC are the key to preventing domain spoofing, and that you should monitor your domain to make sure you are not on any blocklists.
What the experts say
9 expert opinions
Expert from Email Geeks says that based on the headers, the spam is coming from a Romanian hotel chain's IP network, and might be from a compromised account.
Expert from Email Geeks explains that stopping emails using your company name but not your domain is likely impossible and depends on details not shared yet. Phishing emails for customer credentials require different mitigation strategies than random spam.
Expert from Word to the Wise explains you can use a Brand Indicators for Message Identification (BIMI) record, which is an emerging standard that allows you to display your brand logo in supporting inboxes, visually assuring recipients that the email is genuinely from your organization. This will also help protect against spoofing.
Expert from Email Geeks advises looking at the links in the spam email, especially the CTA. If it's going to affiliate links, that's where to follow the money. If they've been replaced with links to somewhere else, then a spammer has simply replaced the payload with their own and is sending the emails out.
Expert from Email Geeks, after doing some research on the email, says that the scammer may be running a scam that's not really related to you; rather, they're using your name, and maybe your template, to give their scam plausibility. Also says they doubt that it'll be impacting your email deliverability or reputation with actual customers, but it is probably causing you customer support overhead and heartburn.
Expert from Email Geeks says that since the spam is not authenticated and not coming from your IPs it is not damaging your sender reputation.
Expert from Email Geeks says to be suspicious of the affiliate partner and shut down links and payments if there are affiliate links in the spam message.
Expert from Email Geeks explains that there is enough data to identify the sender, but unless you want to send lawyers after them it's not that useful.
Expert from Spam Resource explains that implementing SPF, DKIM, and DMARC is crucial. DMARC, in particular, allows you to specify what should happen to emails that fail authentication checks, including rejecting them, which can prevent spammers from using your domain.
What the documentation says
3 technical articles
Documentation from Google Workspace Admin Help shares that you can use SPF, DKIM, and DMARC records to prevent spammers from forging the 'From' address in emails, making it harder for them to use your domain name.
Documentation from DMARC.org explains that implementing a DMARC policy and monitoring DMARC reports allows you to identify and address instances where your domain is being used to send unauthorized emails, including those using your company name.
Documentation from Microsoft Learn explains how enabling anti-spoofing protection in Microsoft 365, including configuring SPF, DKIM, and DMARC, can help to prevent attackers from impersonating your organization's domain.