Impersonation attacks use the credibility or familiarity of an organisation or person that the business may know or be aware of to manipulate users into disclosing sensitive information, providing access to their systems, or committing acts of fraud. To help protect against this, please refer to the list below.

1. Set up Two Factor Authentication (2FA) and remove/suspend any accounts no longer in use.
2. Enable up-to-date anti-malware protection for email and spam filtering.
3. Use domain settings and anti-spoofing controls such as DMARC, SPF, DKIM to reduce emails being spoofed.
4. Utilise audit and network monitoring tools.