In the event that a phishing message impersonating Domino is received internally or by customer the following steps should be taken by Domino IT Security
1. Obtain copies of the message (.msg or .eml format) where possible beyond purely a screenshot to confirm the email server this is coming from and the originating Domain
2. Perform a lookup of the domain on a public registrar to confirm ownership or recent registration (https://www.whois.com/). Provide screenshots in the ticket if one has not been logged already
3. Report the domain and all recorded details to Taslin Sunna [email protected] of the Domino Legal department to begin the takedown process through Mills & Reeve. Sheila Richardson or a member of the Marketing and Distribution team should included as well if they wish to put out appropriate notice to external parties