I'm new in this forum, so i'm sorry if I didn't post my topic right.
So here is the thing. I'm using an Exchange Mail server 2007 with around 100 accounts. Yesterday a couple of accounts recieve the same message from a different internal user, THAT DOES NOT EXIST, telling them to download a patch file from this site:
http://updates.COMPANYNAME.com.secure.c ... 04536.aspx
where the COMPANYNAME is my Domain!!!
I checked the log file of the Exchange server, but there is nothing about threat.
Please Help. How the .... is this thing manage to enter? How can I prevent for future attacks?