On 2020-06-17 11:31 p.m., Benoît Panizzon via mailop wrote:
Hi
Anybody else seeing increase phishing through sendgrid? They look
fairly convincing.
I suspect the IP Ranges of Sendgrid are bound for a global blacklisting
if they keep ignoring abusive behaviour of their customers.
We have an automated system that catches these now of course, but yeah..
The "Netflix" one is getting pretty old..
Len, maybe you can help us understand the inner workings over there.. No
one likes to play 'whack-a-mole', but how is it that the friendly name
in the From as, eg..
From: "Netflix" <randomemail>
How is that not already a check on egress after a couple of months.. Do
you REALLY think you are going to have a customer who named themselves
that using your service?
Inquiring minds want to know...
(Quick spot check on the spam folder.... umm.. yep.. 8 new phishing
emails detected from SendGrid)
Return-Path:
<bounces+10775676-ae17-sales=linuxmagic.com@em7103.elementalmu.online>
Received: from wrqvbwxx.outbound-mail.sendgrid.net (HELO
wrqvbwxx.outbound-mail.sendgrid.net) (149.72.185.170)
Subject: Maintaintance Requested
From: BARE_TARGET_DOMAIN <ferro...@viaccess.net>
Obvious Phishing, this time email phishing..
Judging by how many hits that triggered in the automated reports, it ran
for a while..
Actually, seems like they even changed up midstream, when they didn't
get blocked, and used a different email template from the same account.
Timestamps show they had been running at LEAST 8 hours, with at least
THREE different phishing campaigns
--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada
This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
