cypht-org / cypht

Cypht: Lightweight Open Source webmail aggregator [PHP, JS]
http://cypht.org
GNU Lesser General Public License v2.1

Improve detection and protection against business email compromise (BEC) like CEO Fraud, etc. #1115

Open marclaporte opened 1 month ago

marclaporte commented 1 month ago

"The second form is name and email spoofing, where the attacker uses both the CEO’s name and their correct sender address. In this form of the attack, the attacker typically uses a reply-to address that is different than the sender address, so that your response to the email will go to them." Source: https://www.barracuda.com/support/glossary/ceo-fraud

We expose an alternate "reply to" here https://github.com/cypht-org/cypht/pull/781 but we can do better. Related: https://github.com/cypht-org/cypht/issues/1113

See also: https://www.fbi.gov/how-we-can-help-you/scams-and-safety/common-scams-and-crimes/business-email-compromise
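The Reply-To trick quoted above is straightforward to surface to the user. The following is an added Python example, not Cypht code (Cypht is PHP) and not from the issue: it parses a constructed message and returns warnings when Reply-To routes replies away from the From address, and, given an assumed `trusted` name-to-address map, when a known display name arrives from an unknown address (the name-spoofing form).

```python
from email import message_from_string
from email.utils import parseaddr, getaddresses

# Constructed sample (not a real message): From and Reply-To disagree.
SAMPLE_MSG = """\
From: "Jane Doe, CEO" <jane.doe@example.com>
Reply-To: jane.doe.ceo@mail-example.net
To: finance@example.com
Subject: Urgent wire transfer
Message-ID: <constructed-1@example.com>

Please handle this today.
"""

# Assumed address book: display names the user trusts, mapped to their real address.
TRUSTED = {"Jane Doe": "jane.doe@example.com"}


def _domain(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def bec_warnings(raw, trusted=None):
    """Return warning strings describing BEC-style header mismatches in one message."""
    msg = message_from_string(raw)
    from_name, from_addr = parseaddr(msg.get("From", ""))
    reply_tos = [a for _, a in getaddresses([msg.get("Reply-To", "")]) if a]
    warnings = []

    # Reply-To that silently redirects the reply away from the visible sender.
    for rt in reply_tos:
        if rt.lower() == from_addr.lower():
            continue
        if _domain(rt) == _domain(from_addr):
            warnings.append(f"Reply-To {rt} differs from sender {from_addr} (same domain)")
        else:
            warnings.append(f"Reply-To {rt} is on a different domain than sender {from_addr}")

    # A trusted display name paired with an address that is not the trusted one.
    for name, addr in (trusted or {}).items():
        if name.lower() in from_name.lower() and from_addr.lower() != addr.lower():
            warnings.append(f"display name '{from_name}' matches trusted contact {name} "
                            f"but address is {from_addr}, expected {addr}")
    return warnings


if __name__ == "__main__":
    for w in bec_warnings(SAMPLE_MSG, TRUSTED):
        print("WARNING:", w)
```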

Danelif commented 1 month ago

I found this https://www.egress.com/blog/phishing/how-can-i-stop-ceo-fraud interesting