Hi,
I'm wondering if it might be a good idea to strip all sender names from
emails coming into our corporate email system. To avoid a false name
being used by a scammer.
So rewrite a header like
`From: Bob Smith <b...@example.org>` to `From: b...@example.org`
Because the domain part is checked by SPF and DKIM. The but name (Bob
Smith) is not.
Background:
Some people at work fell for a scam email where the From line was
From: =?UTF-8?Q?Darren_Smith=C2=A0?= <mablecri...@gmail.com>
That's a Darren_Smith with a non breaking space on the end.
mablecri...@gmail.com is the real scammer address.
Darren Smith (not his real name) is the Managing director of their
employer. And they just trusted the name, and didn't check the
domain. To the more experienced members of staff it was so blatantly a
scam they just deleted it. To the junior members, they rushed to the
shops for amazon and google vouchers thinking they were on a special
mission for the big boss. £1300 lost, some maybe recovered.
If I stripped the name, they would have seen mablecri...@gmail.com and
hopefully noticed sooner.
Thoughts or ideas?
--
Tim Bray
Huddersfield, GB
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
