Why Staff Are Getting Emails That Look Like They’re From You (And How to Stop It)
Email Impersonation in Perth: Why Your Business Isn’t Hacked and How to Stop Fake Emails
Email impersonation incidents in Perth are increasing rapidly, particularly for small and medium businesses using Microsoft 365. If your staff are receiving emails that appear to come from a business owner or manager, but something feels off, this is almost certainly email impersonation.
We see email impersonation in Perth businesses every week, including Cockburn Central and surrounding suburbs. These incidents are often reported during routine IT support and helpdesk calls when staff notice suspicious requests.
The situation is alarming, but there is one thing most businesses need to hear:
Your email account is usually not hacked.
However, email impersonation can continue indefinitely unless it is stopped correctly at the technical level.
This guide explains what email impersonation is, why Perth businesses are targeted, how to recognise fake emails, and how to permanently stop email impersonation attacks.
Email Impersonation in Perth: Why Local Businesses Are Targeted
Email impersonation attacks in Perth are one of the most common cyber threats affecting small businesses across Western Australia.
Email impersonation occurs when a scammer sends an email pretending to be someone in your business—typically an owner, director, or manager—without accessing their real mailbox.
Instead of hacking, attackers rely on:
- Using a fake or generic email address (Gmail, Outlook, or lookalike domains)
- Setting the display name to match a trusted person
- Exploiting authority, urgency, and routine business behaviour
This makes email impersonation in Perth especially effective for attackers targeting small teams without managed security oversight.
Why Email Impersonation Scams Work So Well
Email impersonation scams succeed because they exploit human trust, not software vulnerabilities.
Common characteristics of email impersonation attacks include:
- Urgent language (“I need this actioned immediately”)
- Requests for secrecy (“Don’t loop anyone else in”)
- Financial pressure (gift cards, bank detail changes, invoices)
These scenarios often surface during managed IT services reviews when patterns of repeated impersonation attempts are identified.
How to Identify Email Impersonation Attempts
Recognising email impersonation attempts against Perth businesses requires staff to slow down and verify before responding.
Warning signs include:
- The actual sender email address does not match the internal domain
- Unusual urgency or tone that feels out of character
- Requests to bypass approval processes
- Pressure to act without verification
While staff awareness is important, training alone does not stop email impersonation without technical controls.
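The first warning sign above (the real sender address does not match the internal domain) can be checked mechanically. The following is an added example, not code from this guide: the domain `example.com.au`, the name "Jane Citizen" and all sample messages are constructed for illustration. It also shows that a message sent from a free mailbox passes that provider's own authentication, so the display-name comparison is what flags it.

```python
import re
from email import message_from_string
from email.utils import parseaddr

INTERNAL_DOMAIN = "example.com.au"   # assumed company domain
PROTECTED_NAMES = {"jane citizen"}   # assumed owner/manager display names

# Constructed sample messages (headers trimmed to what the check reads).
SAMPLES = {
    "free_mailbox": (
        "From: Jane Citizen <jane.citizen.office@gmail.com>\n"
        "Authentication-Results: mx.example.com.au; spf=pass; dkim=pass; dmarc=pass\n"
        "Subject: Urgent\n\nI need this actioned immediately.\n"),
    "forged_domain": (
        "From: Jane Citizen <jane@example.com.au>\n"
        "Authentication-Results: mx.example.com.au; spf=fail; dkim=none; dmarc=fail\n"
        "Subject: Bank details\n\nPlease update the account today.\n"),
    "genuine": (
        "From: Jane Citizen <jane@example.com.au>\n"
        "Authentication-Results: mx.example.com.au; spf=pass; dkim=pass; dmarc=pass\n"
        "Subject: Roster\n\nSee attached.\n"),
    "supplier": (
        "From: Accounts <accounts@supplier.example>\n"
        "Authentication-Results: mx.example.com.au; spf=pass; dkim=pass; dmarc=pass\n"
        "Subject: Invoice\n\nInvoice attached.\n"),
}

def classify(raw_message):
    """Label a message by who it claims to be from and whether that claim held up."""
    msg = message_from_string(raw_message)
    display_name, address = parseaddr(msg.get("From", ""))
    domain = address.rpartition("@")[2].lower()
    name = " ".join(display_name.lower().split())
    # The receiving server records its DMARC verdict in Authentication-Results.
    verdict = re.search(r"\bdmarc=(\w+)", msg.get("Authentication-Results", ""))
    dmarc = verdict.group(1).lower() if verdict else "missing"
    if domain == INTERNAL_DOMAIN:
        # Our own domain in From is only trustworthy when DMARC passed.
        return "internal" if dmarc == "pass" else "forged-internal-domain"
    if name in PROTECTED_NAMES:
        # Trusted name on an outside address: the display-name trick.
        return "display-name-impersonation"
    return "external"

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, "->", classify(raw))
```

Only rely on an Authentication-Results header written by your own receiving mail server; one carried in from outside proves nothing.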
Email Impersonation in Perth and Microsoft 365: The Real Fix
The only reliable way to stop email impersonation attacks on Perth businesses is through proper email authentication controls, implemented as part of a broader cybersecurity strategy.
SPF, DKIM, and DMARC Explained
SPF (Sender Policy Framework)
Defines which servers are authorised to send email on behalf of your domain.
DKIM (DomainKeys Identified Mail)
Adds a cryptographic signature to prove the email content has not been altered.
DMARC (Domain-based Message Authentication, Reporting & Conformance)
Tells receiving mail servers how to handle emails that fail SPF or DKIM checks.
If DMARC is not set to “reject”, impersonated emails can still reach inboxes—even when SPF and DKIM exist.
A Common Microsoft 365 Misconfiguration We See in Perth
Many Perth businesses using Microsoft 365 technically have DMARC configured, but it has been left in monitoring mode.
Monitoring mode:
- Collects reports only
- Does not block impersonated emails
- Provides no real-world protection
This oversight is frequently identified during proactive IT security assessments.
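The monitoring-mode problem described above is visible in the DMARC record itself, where monitoring mode is published as `p=none`. The following is an added example, not code from this guide, that audits a record's text for it. It goes slightly beyond the text by also checking the standard `pct`, `sp` and `rua` tags, and the sample records and the domain `example.com.au` are constructed.

```python
# Constructed sample records, as they would appear in the _dmarc TXT entry.
RECORDS = {
    "monitoring": "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com.au",
    "partial": "v=DMARC1; p=reject; pct=25; sp=none; rua=mailto:dmarc-reports@example.com.au",
    "enforced": "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com.au",
}

def parse_dmarc(record):
    """Split a DMARC TXT record into a tag dict; return None if it is not DMARC."""
    tags = {}
    for part in record.split(";"):
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    return tags if tags.get("v") == "DMARC1" else None

def audit_dmarc(record):
    """Return a list of findings; an empty list means the policy is enforced."""
    tags = parse_dmarc(record)
    if tags is None:
        return ["no valid DMARC record: receivers are given no policy to apply"]
    findings = []
    policy = tags.get("p", "").lower()
    if policy == "none":
        findings.append("p=none: monitoring mode, reports only, nothing is blocked")
    elif policy == "quarantine":
        findings.append("p=quarantine: failing mail goes to junk instead of being rejected")
    elif policy != "reject":
        findings.append("missing or invalid p= tag")
    pct = tags.get("pct", "100")
    if policy in ("quarantine", "reject") and pct.isdigit() and int(pct) < 100:
        findings.append(f"pct={pct}: policy applies to only part of the failing mail")
    subdomain_policy = tags.get("sp", "").lower()
    if policy == "reject" and subdomain_policy in ("none", "quarantine"):
        findings.append(f"sp={subdomain_policy}: subdomains are held to a weaker policy")
    if "rua" not in tags:
        findings.append("no rua= address: aggregate reports are not being collected")
    return findings

if __name__ == "__main__":
    for label, record in RECORDS.items():
        print(label, "->", audit_dmarc(record) or "enforced")
```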
How to Properly Stop Email Impersonation for Your Business
To permanently stop email impersonation scams, Perth businesses should:
- Audit domain email security settings
- Correctly configure SPF and DKIM
- Enforce DMARC with a reject policy
- Review DMARC reports for alignment
- Train staff to verify unexpected requests
This layered approach blocks impersonated emails before they reach inboxes.
Why Email Impersonation Is a Serious Risk for Perth Businesses
Email impersonation frequently results in:
- Direct financial loss
- Reputational damage
- Loss of staff confidence
- Cyber insurance compliance issues
For many organisations, email impersonation is the trigger that leads them to formal managed IT services and structured security controls.
Trusted External Resources
- Australian Cyber Security Centre – Business Email Compromise
https://www.cyber.gov.au/threats/types-threats/business-email-compromise
- Microsoft – Email Authentication (SPF, DKIM, DMARC)
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/email-authentication-about
- Google – Prevent Email Spoofing with DMARC
https://support.google.com/a/answer/2466580
Frequently Asked Questions About Email Impersonation in Perth
Why are staff receiving emails that look like they are from me?
This is usually caused by email impersonation. Attackers spoof your name or domain to trick staff, even though your mailbox has not been accessed.
Does email impersonation mean my email account is hacked?
No. In most email impersonation cases in Perth, the attacker does not have access to your mailbox. However, the issue should still be investigated promptly.
How can staff tell if an email from me is fake?
Staff should verify the actual sender address, watch for urgency or secrecy, and confirm unusual requests using a second communication method.
How do I stop emails being sent that look like they’re from me?
The most effective solution is correctly configuring SPF, DKIM, and enforcing DMARC with a reject policy.
Is staff training enough to stop email impersonation?
No. Training helps reduce risk, but technical controls are required to block impersonation at the source.

