Privacy

40371 readers

315 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

Google Spoofed Via DKIM Replay Attack | EasyDMARC (easydmarc.com)

submitted 6 days ago by Der_Fossyler@feddit.org to c/privacy@lemmy.ml

2 comments fedilink hide all child comments

cross-posted from: https://feddit.org/post/16327978

you are viewing a single comment's thread
view the rest of the comments

[–] drspod@lemmy.ml 12 points 6 days ago (1 children)

They found a way to inject text into a google email notification (by setting the name of their google workspace account to the phishing message), and then set up a mail forwarding service to redirect the notification to the victim accounts. That way the victims receive a legit email from google but the text of the email is attacker-controlled and can point the victim to their phishing site.

It's not really a vulnerability in DKIM. The bug is in google's use of attacker-controlled text fields in their notification emails.

[–] kn33@lemmy.world 3 points 5 days ago

I saw one of these recently, too, with Microsoft. Someone opened a 365 tenant and set the name of the tenant to "Thank you for your purchase of Microsoft Defender for $509.99. If you have any questions, please call [attacker controlled number]"

Then they set their exchange online to forward messages to the intended victim, and requested a password reset email. So the victim ended up receiving an email that came from microsoftonline.com that said "Your password has been successfully changed. Thank you, [scam text]"