📧 Why did I receive an email from this domain?
This domain is part of the Net Reaction Small Business Security email configuration testing service.
Someone at your organization requested an Email Security Test, which sends a series of test emails to verify that your email provider is properly filtering malicious messages.
⚠️ This is NOT spam or phishing
This test was explicitly requested by a user at your organization. The emails are safe and are designed to test your email security configuration.
🔍 What does this test check?
Test #4: Display Name Spoofing Detection
This test checks whether your email provider detects deceptive display names - a common phishing technique.
The test email was sent with a display name like "IT Support Team" but from an obviously unrelated domain (jelly-doughnuts.com). Good email filters catch this mismatch.
What the attacker wants you to see:
IT Support Team
What's actually in the email:
IT Support Team <security-test@jelly-doughnuts.com>
If you received this email in your inbox:
Your email provider isn't catching basic display name spoofing. Users might trust emails based on the display name without checking the actual sender address.
🛠️ How to fix this
If this email reached your inbox (not spam/junk folder), here's how to improve your protection:
- Enable external sender warnings: Most email systems can show warnings when emails come from outside your organization, especially when the display name looks internal.
- For Microsoft 365: Enable "First contact safety tip" in anti-phishing policies. Go to Microsoft 365 Defender → Policies → Anti-phishing. Also enable "Show (?) for unauthenticated senders."
- For Google Workspace: Enable "Employee name spoofing protection" in Admin Console → Apps → Google Workspace → Gmail → Safety. This catches when external emails use your employees' names.
- Add [EXTERNAL] tags: Configure your email system to prepend [EXTERNAL] to subject lines or add banners to emails from outside your organization.
- Train your employees: Teach users to always check the actual email address, not just the display name. Hover over the sender name to reveal the real address.
📚 How Display Name Spoofing Works
The sender shown on an email has two parts, and attackers exploit the gap between them:
- Display Name (what you see): This is the friendly name shown in your inbox, like "John Smith" or "IT Support Team." The sender controls this completely.
- Email Address (the truth): This is the actual address, like "hacker@evil-domain.com." Many email clients hide this or show it in small text.
- The attack: Attackers set a trusted display name ("Your Bank," "IT Help Desk," "CEO Name") but send from their own domain. Users see the display name and trust the email.
- Why it works: People are busy. They glance at the display name and assume it's legitimate. Mobile email apps especially hide the real address.
This is one of the simplest and most effective phishing techniques, which is why good email filters should catch it.
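The mismatch check described above, as an added Python sketch (not code from this testing service or from any email provider). The domain example.com, the protected-name list and the verdict labels are assumptions, and it presumes the From domain has already passed the provider's sender authentication.

```python
import re
import unicodedata
from email.header import decode_header, make_header
from email.utils import parseaddr

# Assumptions for this sketch: your own mail domains, and the role and
# employee names that outside senders should not be able to borrow.
INTERNAL_DOMAINS = {"example.com"}
PROTECTED_NAMES = {"it support team", "it help desk", "john smith"}


def normalize(name):
    """Apply NFKC, case-fold, and collapse punctuation and whitespace."""
    name = unicodedata.normalize("NFKC", name).casefold()
    return " ".join(re.sub(r"[^\w\s]", " ", name).split())


def classify_from(from_header):
    """Return 'internal', 'display-name-mismatch' or 'external' for a From value."""
    raw_name, address = parseaddr(from_header)
    # Display names can arrive RFC 2047-encoded; decode before comparing.
    display = str(make_header(decode_header(raw_name)))
    domain = address.rpartition("@")[2].lower()
    if domain in INTERNAL_DOMAINS:
        return "internal"
    if normalize(display) in PROTECTED_NAMES:
        return "display-name-mismatch"  # internal-looking name, outside domain
    return "external"


def tag_subject(subject, from_header):
    """Prepend [EXTERNAL] to the subject of any message from outside."""
    if classify_from(from_header) == "internal":
        return subject
    return f"[EXTERNAL] {subject}"


# Constructed sample From headers (not real traffic).
SAMPLES = [
    "IT Support Team <security-test@jelly-doughnuts.com>",
    "=?utf-8?B?SVQgU3VwcG9ydCBUZWFt?= <security-test@jelly-doughnuts.com>",
    "IT Support Team <helpdesk@example.com>",
    "Jelly Doughnuts Newsletter <news@jelly-doughnuts.com>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(classify_from(header), "|", tag_subject("Password reset", header))
```

A message classified as display-name-mismatch is the case this test email exercises; what to do with it (banner, junk folder, quarantine) is a policy choice for your mail system.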