[clug] fraud
Andrew Savchenko
andrew at lists.savchenko.net
Tue Nov 10 02:52:38 UTC 2020
Hello peter,
Tuesday, November 10, 2020, 1:01:26 PM, you wrote:
> Can you explain how the scam could be implemented.... virus, malware etc ?
Plethora of ways:
1. Builder's machine was compromised
2. Client's machine was compromised
3. E-mail was intercepted and manipulated on the side of MX and DKIM
signatures weren't enforced.
4. DNS spoofed and DNSSEC wasn't enforced or records were not provisioned in a
first place.
5. MTA-STS policy was absent or not checked by MTA.
6. DMARC policy wasn't strict enough or not enforced by recipient.
7. SPF wasn't used properly.
8. ...
The list goes on.
--
Regards,
A
More information about the linux
mailing list