Collaborate Disseminate
As a sysadmin, I need to send spoofed emails to ensure that the spoofing protection (DMARC, etc) is working.
I think Emkei’s Fake Mailer can be used to send emails spoofed at the SMTP / 5321.MailFrom level but how does one send emails spo… Continue reading How to spoof a MIME-level email address
I recently registered a domain name, and set up an email account tied to it with Zoho mail. I’m concerned about making sure all emails from this domain are signed to prevent spoofing.
I’ve enabled SPF and DKIM on Zoho and my… Continue reading How can I prevent email spoofing from my domain?
Recently a business I’m working with had an email that was sent to some vendors of theirs using emails that were remarkably similar to their own emails. The attackers used letter substitution to mimic the business’s domain (e.g. exarnple@dornain.com — notice the use of “r” and “n” to imitate an “m”).
Luckily, the vendors contacted by these people were diligent enough to catch the mismatched email addresses. However, I’m concerned that similar attacks will hit other vendors of our that might not have the same protocols in place.
Aside from contacting every one of vendors, is there anything the business can do on their end to mitigate these attacks? Or are they reliant on vendors being diligent with double-checking their contacts?
Continue reading Dealing with a fraudulent email that went to vendors
I just started receiving DMARC aggregate reports. I am trying to understand what it means for a Source IP to fail SPF. Does this mean that the domain that failed the SPF tried to send an email on behalf of my domain? (essentially spoof my … Continue reading What does a failed SPF record tell me from a DMARC Aggregate report?
I just started receiving DMARC aggregate reports. I am trying to understand what it means for a Source IP to fail SPF. Does this mean that the domain that failed the SPF tried to send an email on behalf of my domain? (essenti… Continue reading What does a failed SPF record tell me from a DMARC Aggregate report?
More than 50 law enforcement agents based in the U.S., Bulgaria, Hungary, Germany and Israel, worked together over the last 24 hours to arrest 16 cyber criminals involved in a highly advanced, transnational cybercrime ring. From Washington, D.C., the Justice Department unsealed 19 indictments Wednesday, alleging that those arrested were involved in a sophisticated international […]
The post FBI, DOJ join forces with foreign partners to bust international cybercrime ring appeared first on Cyberscoop.
Continue reading FBI, DOJ join forces with foreign partners to bust international cybercrime ring
I recently contacted a vendor of security-related development libraries to ask for a quote (I won’t name them yet).
The next day, Postmark sent me my weekly DMARC report – and it contained 2 failed entries originating from t… Continue reading Suspicious Entry in DMARC Report
I recently contacted a vendor of security-related development libraries to ask for a quote (I won’t name them yet).
The next day, Postmark sent me my weekly DMARC report – and it contained 2 failed entries originating from t… Continue reading Suspicious Entry in DMARC Report
I am looking for an email provider that I will use with custom domain, one provider is cheaper but has only SPF while the other is more expensive but uses both SPF and DKIM and I’m not sure if paying more is worth it if the o… Continue reading Security of SPF vs SPF and DKIM in email
I just got a letter from court saying I made 49 threats to someone I had a problem with three years ago. This person presents “my emails” as evidence. I went through all my emails, and I haven’t found a single one. The mail p… Continue reading Someone is using my (or has the same) email