I am seeing messages that appear to come from the MD or the CEO of the
company to the accounts department asking people to transfer money to
some fake account
These messages were initially few and I ignored. But now this has become
a problem.
I know these are not spam messages so catching them will be out of scope
for a spam filter.
These messages have different envelope ids so SPF checks always pass.
The header from is properly formatted exactly how it will be in a normal
mail
What measures do you take for such spear phishing
Thanks
Ram
