Collaborate Disseminate
We’ve received several rua reports indicating that one of our direct competitors is sending emails with our domain in the mail from headers.
I do not have access to the actual emails sources, and I have no idea what would cause this. The o… Continue reading DMARC rua indicates mail send from competitorDomain.com for ourDomain.com, is this (potentially) mallicous?
Reflecting on 2020’s record-breaking year of spam and inbox threats. Continue reading Inbox Attacks: The Miserable Year (2020) That Was
We recently received an email from a self described "white hat hacker" purporting to be from our own organization.
According to the mail headers, spf, dmarc, dkim and arc all passed okay and gmail didn’t flag it in anyway.
We use… Continue reading SPF/DMARC for shared email provider (gmail) – how did this email pass SPF?
A domain spoofing email phishing campaign that very convincingly impersonates Microsoft and successfully tricks legacy secure email gateways has recently been spotted by Ironscales. It also led them to discover that Microsoft servers are not currently … Continue reading Phishers bypass Microsoft 365 security controls by spoofing Microsoft.com
We (let’s call ourselves foo.com) have a Third-party service (let’s call them: bar.com) that sends emails on our behalf, with email from our domain (for example: baz@foo.com). To facilitate a smooth mail flow, we have set up SPF, DKIM and … Continue reading DKIM alignment failure with Third-party service
Attackers are compromising email accounts from popular universities, including Purdue and Oxford, to launch attacks that get around DMARC and SPF. Continue reading University Email Hijacking Attacks Push Phishing, Malware
This blog post from 2016 shockingly implies that gmail will accept an email if either SPF or DKIM passes. We use G suite SMTP servers, therefore SPF provides almost zero protection from spoofing. Is this still the case?
Since DMARC only n… Continue reading Does gmail still ignore DKIM if SPF passes, DMARC style?
Up to 61 percent out of the IATA (International Air Transport Association) airline members do not have a published DMARC record. Continue reading Airline DMARC Policies Lag, Opening Flyers to Email Fraud
Protecting your brand and your employees from phishing attacks is a critical first step to keeping your environment secure.
The post Sponsored: Protecting your Domain and Users from Phishing Attacks appeared first on Petri.
Continue reading Sponsored: Protecting your Domain and Users from Phishing Attacks
Domain-based Message Authentication, Reporting & Conformance (DMARC), is an email authentication, policy, and reporting protocol. It builds on the SPF and DKIM protocols to improve and monitor protection of the domain from fraudulent email. To sel… Continue reading How do I select a DMARC solution for my business?