Jan Wildeboer 😷:krulorange:
@jwildeboer@social.wildeboer.net · activity timestamp 2 months ago
#NerdTalk Wow. A multi-step, sophisticated way of spoofing emails that pass SPF, DKIM, DMARC. Hardcore.

"And most importantly, the key trick is that you can put anything you want in the App Name field in Google"

Le sigh. That's where they put the email text. In the App Name field. Google can fix this by sanitising input better.

https://easydmarc.com/blog/google-spoofed-via-dkim-replay-attack-a-technical-breakdown/

#Spam #Phishing #MailAdmin

Jan Wildeboer 😷:krulorange:
@jwildeboer@social.wildeboer.net replied · activity timestamp 2 months ago

I would really like to see the full set of headers from this mail. I wrote a while ago how I analyse headers to check for suspicious things. https://jan.wildeboer.net/2022/09/E-Mail-Headers/
