MDaemon Technologies Blog

10 Tips to Help Healthcare Employees Identify a Phishing Email

By Brad Wyro posted in Email How To, Email Security, Cybersecurity, Stop Spam Email, Spear Phishing, Phishing, Health Care Security

0 Comments

 

Whether you run a multi-campus medical center or a small private practice, you’ve likely heard about cyber criminals who try to trick you and your employees into clicking a link or downloading an attachment so they can steal your organization’s money or protected data.

Read More

Microsoft 365 Vulnerabilities Your Healthcare Business Should Consider

By Brad Wyro posted in Email Gateway How-To, Email Security, Stop Spam Email, Phishing, Two-Factor Authentication, Health Care Security, Email Best Practices

0 Comments

The COVID-19 pandemic has accelerated the adoption of cloud services across all industries, but particularly for healthcare providers. If your healthcare organization is considering moving your email from on-premise servers to the cloud, you must do your due diligence around significant security drawbacks that may overshadow the perceived benefits.

Read More

Phishing Email Targets Healthcare to Get Past Microsoft Security

By Brad Wyro posted in Email Gateway How-To, Email Security, Stop Spam Email, Phishing, Two-Factor Authentication, Health Care Security, Email Best Practices

0 Comments

 

The COVID-19 pandemic has been a boon for bad actors across the digital landscape. In July, for instance, authorities in the U.S., U.K. and Canada all issued warnings about serious cyberattacks against healthcare organizations and others involved in the coronavirus response. The purpose of these attacks? Theft of intellectual property during the race to develop a vaccine. The tool of choice? Spear-phishing email attacks.

Read More

How to Secure your Business Email as Employees Work from Home

By Brad Wyro posted in Data Leak Prevention, Email Privacy, Email Security, Email Encryption, Cybersecurity, Security Gateway for Email, Stop Spam Email, Email Security Best Practices, Two-Factor Authentication, Email Best Practices

0 Comments

The COVID-19 crisis has changed the way we approach data privacy and email security as the transition to working from home has been accompanied by a growing surge of Coronavirus themed phishing scams and spoofed websites used to distribute malware or lure victims into providing confidential information.

Read More

Protect Microsoft 365 with SecurityGateway™ for Email

By Brad Wyro posted in Email Privacy, Email Security, Security Gateway for Email, Stop Spam Email

0 Comments

As of this year, Microsoft 365 (formerly Office 365) has grown to more than 345 million paid subscribers, and businesses continue to use the platform, with its commercial base now topping 440 million seats worldwide. But as those subscription numbers keep climbing, Microsoft 365 becomes an even bigger target for cybercriminals looking to spread phishing, ransomware, and a new wave of AI-generated attacks.

Read More

Phishing Email Uses Google Drive to Get Past Microsoft Security

By Brad Wyro posted in Business Email Compromise, Email Security, Stop Spam Email, Spear Phishing, Phishing

0 Comments

This week, Threatpost reported on a new spear-phishing attack that uses email sent via Google Drive claiming to be the CEO of the targeted company sharing important information with the recipients.  The email came from Google Drive, but the sender address didn't match the company's standard naming convention for email addresses.

Read More

Not Today, Scammer! Today's Phishing Attempt

By Brad Wyro posted in Email Security, Cybersecurity, Stop Spam Email, Phishing

0 Comments

A brief glance through my Spam folder in MDaemon Webmail today reminded me of the need for on-going education on the topic of phishing and Business Email Compromise (BEC) scams. Because businesses have already lost millions of dollars to these scams and continue to fall victim every day, it bears repeating that, while spam filters and secure email gateways continue to improve, no solution is 100% fool-proof.

Read More

12 Tips to Identify a Phishing Email

By Brad Wyro posted in Email How To, Email Security, Cybersecurity, Stop Spam Email, Spear Phishing, Phishing, Email Security Best Practices

0 Comments

Don’t Risk Losing your Life Savings to Scammers. Follow these 12 Tips to Identify a Phishing Email.

Whether you run a Fortune 500 organization or a small boutique, by now you should be aware of the threats posed by cyber criminals trying to trick you into clicking a link, downloading an attachment, scanning a QR code, or parting ways with your money.

Read More

How to Stop Spam Emails: 10 Ways to Clean Your Inbox in 2026

By Brad Wyro posted in Email Security, Stop Spam Email

0 Comments

Before email, the mail that piled up in your physical mailbox was full of pamphlets, sales brochures, credit card offers, and product catalogs. Most of it went straight into the trash. Today the equivalent, and often far more dangerous, nuisance is spam. It has evolved from dubious product claims, miracle supplements, and offers of easy money into ransomware, targeted spear-phishing, and business email compromise (BEC) scams that can drain a company's bank account in a single afternoon.

Here's the part that's changed most. For years, the easiest way to spot a scam email was its broken grammar and clumsy wording. That tell is gone. Attackers now use generative AI to write phishing messages that are linguistically perfect, contextually relevant, and personalized to you, produced at scale with almost no effort. Security researchers reported a sharp spike in phishing through 2025, and Kaspersky found that roughly 45% of all email traffic was still spam, with malicious attachments climbing about 15% year over year. The volume hasn't gone away, and the messages that do get through are harder than ever to recognize.

So how can users protect themselves from becoming the next victim? There are numerous spam-fighting tools in MDaemon and other mail servers, but server-side tools are only half of the equation. The other half is user education. With that in mind, here are 10 things you can do to reduce the amount of spam you receive and avoid the threats hiding inside it.

1. Unsubscribe, but only from senders you actually recognize. How often have you been asked for your email address at checkout or while placing an order online? In either case, you may have ended up on a company's mailing list. When email from a legitimate, recognizable company arrives, it's fine to open it and click the Unsubscribe link. The important caveat in 2026: do not unsubscribe from messages sent by senders you don't recognize. With spam, the "unsubscribe" link is often there to confirm that your address is live and that a real person reads it, which gets you more spam, not less, and can lead to a malicious site. If you're not completely sure where a message came from, report it as spam instead of unsubscribing.

2. Create a secondary email address, or use aliases. While we're on the subject of retailers having your address, consider keeping a second address used solely for store records, order confirmations, and sign-ups. That keeps vendor solicitations out of your primary inbox. Many email platforms now make this even easier with aliases, "plus addressing" (e.g., yourname+shopping@domain.com), or masked-address features like Apple's Hide My Email, all of which let you hand out a disposable address you can cut off the moment it starts attracting spam.

3. Keep your email address private. If your address is visible on social media (Facebook, X, LinkedIn, Instagram), it's also visible to spammers, who run automated tools that scrape public addresses and add them to mailing lists. If you must post an address publicly, mask the format (for example, write "name at domain dot com" instead of using the @ symbol). With the prevalence of Business Email Compromise (BEC) attacks, this matters even more for executives and finance staff, since scammers use details harvested from public profiles to craft convincing, well-targeted spear-phishing emails.

4. Before you join a mailing list, check whether the owner can sell your address. If the list has a privacy policy, read it and confirm your information can't be shared with or sold to third parties.

5. Don't reply to ANY spam or unsolicited marketing message. Most spam uses forged sender (return-path) addresses, so a reply almost never reaches the spammer anyway. And replying to a legitimate-but-unwanted marketing message just confirms your address is valid, which invites more of the same.

6. Don't click links, and be especially wary of QR codes. Clicking a link in a spam email can identify you to the spammer as a live recipient, and can lead to malware or a credential-stealing page. A newer twist is "quishing," phishing that hides the malicious link inside a QR code, often in an attachment or image, specifically to slip past filters and your own instincts. Treat an unexpected QR code in an email the same way you'd treat an unexpected link: don't scan it unless you're certain of the source.

7. Block images by default. Even if you never click a link, an image that loads automatically can signal to spammers that your address is active. Spammers embed tiny, often single-pixel "tracking" images for exactly this purpose. Configure your email client to block images by default, and choose to display them only when you're sure the sender and content are legitimate.

8. Make your email address harder to guess. Spammers run dictionary attacks that guess common addresses (info@, john.smith@, and so on). A less predictable address is harder to land on by brute force.

9. Don't fall for scams, and know what they look like now. The classic "anonymous stranger promises you a fortune for a small up-front payment" scam, the old Nigerian prince or advance-fee scheme, is still around, but it has evolved. Today's versions are more patient and more costly: fake cryptocurrency "investment" opportunities (often called "pig butchering," where a scammer builds trust over weeks before the fake payout never comes), romance scams, and fraudulent job offers aimed at remote workers. The common thread hasn't changed: if someone you've never met contacts you out of the blue with an offer that depends on your money, your trust, or your urgency, it's a scam. The FTC's consumer advice site tracks the current variants.

10. Never forward chain email from people you don't know. You've seen them: the public service announcement, the petition, the "forward this to ten friends" plea. Don't. Forwarding chains is a prime way for spammers to harvest fresh, valid email addresses.

Blocking junk email isn't just the mail server administrator's job. A well-informed user is the difference between spam that's manageable and spam that's out of control, and in the AI era that informed instinct matters more than ever, because the messages no longer announce themselves with obvious mistakes. A few extra habits go a long way here too: turn on multi-factor authentication so a stolen password alone can't compromise your account, and periodically check whether your address has turned up in a known data breach. Combined with the ten tips above, that vigilance will help keep your inbox clean and keep you from becoming the next phishing or malware victim.

Read More

Steps to Track Spam Sent Out From a Local Machine on Your Network

By Brad Wyro posted in Email Gateway How-To, Email How To, Email Security, Cybersecurity, Stop Spam Email, Tutorial, Email Security Trends

0 Comments

 

Has this happened to you? Let’s say you’re the MDaemon administrator for your company, and you’ve noticed that somewhere, somehow, spam messages are being sent from within your network. Perhaps one of your PCs has been compromised. What do you do? Here are some tips to help you track the issue down.

Read More
BACK TO ALL ARTICLES

Subscribe to Email Updates