There’s no validation.
SPF.
Comment on trending hack sending emails about a support ticket
surewhynotlem@lemmy.world 10 months ago
Why do you think anything is hacked? It’s trivially easy to send an email pretending to get someone else. There’s no validation.
Do they contain valid data or something?
There’s no validation.
SPF.
Optional, but recommended. But doesn’t guarantee anything unless both sides respect it. Also, IP spoofing is a thing.
Email is a broken protocol. There’s a great copy pasta about why it can’t or won’t be fixed, which I unfortunately can’t find. But it boils down to the fact that you can’t get everyone to agree on, or implement, the fixes necessary to prevent spam.
Use a host that requires it. Done?
knighthawk0811@lemmy.one 10 months ago
this isn’t that
qaz@lemmy.world 9 months ago
Could you elaborate on why you think that?
knighthawk0811@lemmy.one 9 months ago
I’ve seen hundreds of those and they’re mostly phishing attempts. this new one doesn’t look anything like that.
this one has multiple addresses in the CC field, at least one of which is always a predefined list on the senders side. and it’s otherwise a legit looking support ticket response.
but i want to know what’s the origin, what’s the vectors, and what’s the target.