Subj : Proofpoint email filter flaw exploited to send out millions of ph To : All From : TechnologyDaily Date : Tue Jul 30 2024 19:30:06 Proofpoint email filter flaw exploited to send out millions of phishing messages Date: Tue, 30 Jul 2024 18:28:00 +0000 Description: Phishing emails "perfectly" spoofed major brands including Disney and Coca-Cola. FULL STORY ====================================================================== Cybercriminals found a way to send millions of perfectly spoofed phishing emails thanks to a vulnerability in Proofpoints email relay servers. Experts from Guardio Labs revealed the phishing campaign started in January 2024, and was sending out an average of three million emails daily. In early June, it peaked with 14 million emails being disseminated. The researchers dubbed the campaign EchoSpoofing, noting the crooks were able to get their phishing emails properly DKIM signed, and SPF approved. What tipped researchers off, though, was that all of the emails were dispatched from one specific family of relay servers - pphosted.com - which is owned and operated by the email security vendor Proofpoint. Bypassing spam filters To the recipient, the email looks as if it is coming from a legitimate business. The businesses being spoofed here all seem to be Proofpoints customers, mostly Fortune 100 companies. These include Disney, IBM, Nike, Best Buy, and Coca-Cola, to name a few. These emails echoed from official Proofpoint email relays with authenticated SPF and DKIM signatures, thus bypassing major security protections all to deceive recipients and steal funds and credit card details, the researchers concluded. Guardio Labs said that all major email platforms , including Gmail, failed to flag these emails as spam, and instead allowed them straight into peoples inboxes. The emails scared the victims with fake account expirations, payment and renewal requests, and similar, all with the goal of harvesting payment and personally identifiable information . Proofpoint said it had been keeping an eye on the EchoSpoofing campaign since March 2024, and that it provided new settings, and advice, on how to prevent such attacks in the future. The company provided a detailed guide on how users can add anti-spoof checks, and more. Via BleepingComputer More from TechRadar Pro AI Arms Race: the evolving battle between email spam and spam filters Here's a list of the best firewalls today These are the best endpoint protection tools right now ====================================================================== Link to news story: https://www.techradar.com/pro/security/proofpoint-email-filter-flaw-exploited- to-send-out-millions-of-phishing-messages --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .