DHS will scan agencies for DMARC, other hygiene measures

The Department of Homeland Security is now collecting data about federal agencies’ use of an industry-standard cybersecurity measure that blocks forged emails. The collection is seen as a first step to encouraging wider adoption within the U.S. government, according to official correspondence. In a letter to Sen. Ron Wyden, D-Ore., DHS official Christopher Krebs says the department, “is actively assessing the state of email security and authentication technologies … across the federal government,” to include Domain-based Message Authentication, Reporting and Conformance (DMARC). DMARC is the industry standard measure to prevent hackers from spoofing emails — making their messages appear as if they’re sent by someone else. Spoofing is the basis of phishing, a major form of both crime and espionage, in which an email appearing to a come from a trusted third party directs readers to a website where login and password credentials can be stolen. Krebs says DHS’s 24-hour cyber watch center, […]

The post DHS will scan agencies for DMARC, other hygiene measures appeared first on Cyberscoop.

Continue reading DHS will scan agencies for DMARC, other hygiene measures

What are the different ways of analysing email address to detect phishing emails? [on hold]

As the question says, what are the different ways of analysing email address to detect phishing email?

This question is regarding only the email address and not the contents of the email.

What are the ways in which domain n… Continue reading What are the different ways of analysing email address to detect phishing emails? [on hold]

DMARC use continues to climb inside federal government

The number of federal government departments and agencies deploying the highest level anti-spoofing and anti-phishing email security has nearly doubled since the end of May, new figures show. A total of 135 federal email domains had some form of the Domain-based Message Authentication, Reporting and Conformance (DMARC) protocol deployed Aug. 1, according to the non-profit Global Cyber Alliance. That’s only six more than the 129 who had some deployment May 26 — but of those 135, 60 had the protocol set to p=reject, the highest level of deployment. That compares to just 32 who had the protocol fully deployed in May. DMARC helps prevent phishing and other email spoofing attacks, when a message is made to look as if it comes from a company or government agency. The IRS, for instance, is a frequent target of phishers, who prefer to impersonate banks or other email senders who might have a financial relationship with potential victims. At […]

The post DMARC use continues to climb inside federal government appeared first on Cyberscoop.

Continue reading DMARC use continues to climb inside federal government

PayPal Scam Email?

Is this a scam email or is it a valid email from PayPal?

To: XXXXXX XXXXXX From: PayPal Credit Request attempted on: June 10,
2017

You attempted to open an account or make a purchase using the PayPal
Credit payment method on June 10, 2017. We regret that you were unable
to use PayPal Credit at that time. As a convenience, we are providing
you with immediate access to view the reasons why your request was not
authorized. By clicking on the secure link below, you can begin the
process of viewing this important information.

View Important Information About Your Request When you applied, you
provided certain information about yourself that we will request for
verification when you click the link above. After clicking the secure
link above, a screen will appear requiring you to enter this
information for verification purposes. 

You will have access to this information for up to 180 days from the
date of this email using the link in this e-mail. If you wish to
continue to have access to this information, you must keep this email,
and use the above link to access this information in the future.

Please do not reply to this email. If you are unable to access this
information, you will receive a letter within 30 days.

Sincerely,

PayPal Credit 

The lender for PayPal Credit accounts is Comenity Capital Bank

The link points to https://bml.applications.billmelater.com and they want me to put in my birth date and last 4 digits of my SSN. The sender is supposedly from customercare@paypal.com.

Here is the provided message header:

Return-Path: <customercare@paypal.com> Received: from
mx0.slc.paypal.com ([173.0.84.225]) by mx.perfora.net  (mxeueus001
[74.208.5.21]) with ESMTPS (Nemesis) id 0MTydT-1dCYnS2MwD-00Qg0p  for
<XXXXXX@XXXXXXXXXXXX.XX>; Fri, 16 Jun 2017 07:31:00 +0200
DKIM-Signature: v=1; a=rsa-sha256; d=paypal.com; s=pp-dkim1;
c=relaxed/relaxed;  q=dns/txt; i=@paypal.com; t=1497591058;
h=From:From:Subject:Date:To:MIME-Version:Content-Type;
bh=1QULyOBdV2fQFWq+fY0tQ1diErpOz89Nr0ZW8Q/t9O8=;
b=0yzdRiM1B55ey8LoOBH0iXb3E5yqxdVk1dhjwi9YZem6zKAM8yP6hPvvl9l5Y/EJ
f93DxSsnM5VTd4EQb803oFL05utxp9GmAXiYeAbba+MRVxl/OTGWThQDk1s7SDJQ
DXX9SCHzYzeVZ/5dijQj0aaCrPw7+9Sw0Vm4yn1B0VysSWcnHGJWwbTC9E7NBaFr
A33cVi3lE1uNVJwz8ypxq6RRjMhWYA5Nmhn0RJfE6v8BbRj8HvMKCO4UUrUg/OIb
e+GiqjR5w3gUsvbEuVBF8IlVFzGEeWE+QTuPzkQQPrWwlQ+Pv59dte7O0sZwT682
SJdx1RRSxXOg8mF9mHNhsA==; Received: (qmail 11576 invoked by uid 993);
16 Jun 2017 05:30:58 -0000 Date: Thu, 15 Jun 2017 22:30:58 -0700
Message-Id: <1497591058.11576@paypal.com> AMQ-Delivery-Message-Id:
EMAILDELIVERY-Notification_EmailDeliveryEvent-185-1497591052064-3809733053
X-PP-REQUESTED-TIME: 1497591050550 X-PP-Email-transmission-Id:
f642bda6-5254-11e7-bd77-5cb90192ccbc PP-Correlation-Id:
ddc61267a22a1bb0 Subject:
=?UTF-8?Q?Request_attempted_on=3A=C2=A0June_10=2C_2017?= X-MaxCode-Template: PPC001143 To: <XXXXXX@XXXXXXXXXXXX.XX> From:
PayPal Credit <customercare@paypal.com> X-Email-Type-Id: PPC001143
Content-Transfer-Encoding: base64 Content-Type: text/html;
charset=UTF-8 MIME-Version: 1.0 Envelope-To: <XXXXXX@XXXXXXXXXXXX.XX>
X-UI-Filterresults:
notjunk:1;V01:K0:LdGxQFRpRdo=:36HTTy+jN84T1PARbUXaam6TaP 
/vZtms/sJ5AC2EAGL34ilyA8HGVtQHGuD5/MNyrXPgjCBpMgyCf5HXT0oo5T/94SpRqgh+aHZ
PbAK2JatMnw40up2972ATAveQN4ejppluCgm3tglysTaDhCc+oDjbj5+RoLSdGYL3EpL9ZxnH
NaTkIj9JhebaViiAzA1S89Ea4LxXK43tWjyc9GOVWMh55DI8K69/mQW6dCAjnRKk8MGP6iATN
hHYgWOSEMbJy5HPmwSD5ZwC0SIziTpk+TLftmUGRuDIsXNqUKMynyN+W0eljz6zV2rswrCggJ
GdSynaaVXzQ0WrhPjc4uc39PyX3UlrH0SM7cbGbaMfCgQGz3EJHaVkBlomVUgauBUPgDRB4qY
ZN4JNLCxCDciRxWP3p0MtQ95TK8JDfSF9UYBbkPmEjcbgTqFTYYRAtenlyz2HMTRQW6CMyNDD
AxAZndGz5Jo47ZXivbebQnQTOczSTFG/QrO3yY5PJZfLR5MJcDqHqMca0mzO/8PHErOU0H6J1
CNZ9oVDMp76Z3ZMlnwKBr6npVoUEp1qZ8YCeZ5SA657pA+dSM1/JTfFkq7GqkrtRUscQd4V4o
5MmWoPIG0PUYd8DnA5GsoPn4OQd20zk2naYCRKdhr01PWJ7AkrERSJyZGh/9lgg5Kg/u+vxYn
i4oqqi0PEVzfOz/IQvj7l2I0R1ibJKbjGcDZDheLCXwQXzt8fTUQZDD4MLBsNyY+e5lQQcgaZ
RxnT9QI62oXk9pqvlxknzOmLCcA2Xlwimr6WUNcRc6Joh/wgXQUBJRpl3YdOwQ/UDPDhlskag
H5Qls8E1GUcEy6114jBLZsRmexGsklw7qA+UEvRcajBRktYjPewN7YkQVQlp9vhDpSjVf2gtD
WA5lOh0YlkBOxDrv0m1g5iKvpEZRO7IntT0p9kA5bevZtgWHvBQaa+IGDA1F+Ot4ldT2EEVjs
EkKGGhK4JNwdZCaTwmqgyPzDJt3I6wnVdeZIzR77XtDXjv+maDNZ9M4xVNwOW0/puP4rGAXHM
82SGxdPLv/mnEgLe3zTY1sF8D9eU0Bqtvcv9GYcScoz1n2yObr8P4PJ/SqfQJ0vFvT52qxLxG
1/yQa0OLG1UJlqywAqlWAoNmy8DQYZcrXxebyaN+zslBVh/b9iH+tMc3PVcal+0yiET0DOA1g
IVa/ECYMR8PmIywvSZvQBnAdR8OgGAigSIrItxkj6rPxvkfSoeRgwWTmSmD5PzYPxbAWIpQ0f
khmztigydZcMKglCWABd7iXHmmJSrkIW2sXH1G0fIoJ9PVV6nVzOV6fLUNjy5F15m7zoYFDBV
FiJ3896cAvR+sr69vHk+ivbAWg==

Continue reading PayPal Scam Email?