How a spoofed email passed the SPF check and landed in my inbox

The Sender Policy Framework can’t help prevent spam and phishing if you allow billions of IP addresses to send as your domain. Twenty years ago, Paul Vixie published a Request for Comments on Repudiating MAIL FROM that helped spur the internet community to develop a new way of fighting spam with the Sender Policy Framework (SPF). The issue then, as now, … More How a spoofed email passed the SPF check and landed in my inbox

The trouble with BEC: How to stop the costliest internet scam

Business email compromise fraud generated more losses for victims than any other type of cybercrime in 2021. It’s long past time that organizations got a handle on these scams. The old adage of people being the weakest link in security is especially true when it comes to email threats. Here, cybercriminals can arguable generate their … More The trouble with BEC: How to stop the costliest internet scam

Another email scam as Gaeilge is doing the rounds

An email in Irish, coming from a South Korean email address, claims the sender has a video of the receiver viewing pornography and will make it public unless paid €1200 in bitcoin. These sort of “sextortion” letters are nothing new, we’ve warned about several like this and this before, but we’re always excited to see … More Another email scam as Gaeilge is doing the rounds

FBI systems compromised to send out fake attack alerts

Hackers break into the Bureau’s email systems to send out at least 100,000 emails warning recipients of imminent cyberattacks The Federal Bureau of Investigation (FBI) has had its email servers compromised, with the hackers then sending out tens of thousands of bogus spam emails impersonating the agency and the Department of Homeland Security and claiming … More FBI systems compromised to send out fake attack alerts