Der_Fossyler@feddit.org to Privacy@lemmy.worldEnglish · 2 months agoGoogle Spoofed Via DKIM Replay Attack | EasyDMARCeasydmarc.comexternal-linkmessage-square4linkfedilinkarrow-up113arrow-down15 cross-posted to: privacy@lemmy.ml
arrow-up18arrow-down1external-linkGoogle Spoofed Via DKIM Replay Attack | EasyDMARCeasydmarc.comDer_Fossyler@feddit.org to Privacy@lemmy.worldEnglish · 2 months agomessage-square4linkfedilink cross-posted to: privacy@lemmy.ml
minus-squareMysteriousSophon21@lemmy.worldlinkfedilinkEnglisharrow-up2·2 months agoSPF won’t help here because the attack specifically uses legitimate sending infrastructure - they’re forwarding through a compromised Google Workspace account so the SPF check passes, while reusing a valid DKIM signature from a diferent message.
SPF won’t help here because the attack specifically uses legitimate sending infrastructure - they’re forwarding through a compromised Google Workspace account so the SPF check passes, while reusing a valid DKIM signature from a diferent message.