AutoSPF Blog

Advanced

How threat actors managed to send millions of phishing emails from trusted domains- explaining echo-spoofing

ByBrad Slavin August 30, 2024May 8, 2025 Reading Time: 3 minutes

In the first half of 2024, a simple toggle in Proofpoint’s email service allowed threat actors to send millions of hard-to-detect emails impersonating blue-chip companies. They exploited a misconfiguration in Proofpoint’s secure email gateway (SEG) to send fraudulent credit card emails. These emails bypassed security filters as they were signed and verified, looking like they…

Intermediate

Why subdomains should not inherit the SPF policy of the parent domain?

ByBrad Slavin August 29, 2024January 22, 2025 Reading Time: 3 minutes

It’s common for businesses to have multiple subdomains, but what about their security? While some domain owners completely ignore securing their subdomains, some subject them to the SPF policy of the parent domain. Yes, the latter is definitely better than the former, but even that doesn’t promise robust defense against phishing, spoofing, and ransomware attacks…

Foundational

Spotting spoofed emails with DMARC: A guide

ByBrad Slavin August 21, 2024May 9, 2025 Reading Time: 5 minutes

Here’s a harsh truth: spoofing attacks are more frequent and prevalent than you think. They are not just about someone pretending to be you by using sneaky iterations of your business name. The real issue is them capitalizing on your brand name, your credibility, and your trustworthiness to deceive others. That is, if there is…

Intermediate

How to configure SPF to identify valid email sources for Microsoft 365 domains?

ByBrad Slavin August 20, 2024May 8, 2025 Reading Time: 5 minutes

SPF, which is short for Sender Policy Framework, is an email authentication protocol that allows Microsoft 365 domain owners to prevent threat actors from succeeding in deceiving recipients by sending phishing and spoofing emails from your domain. With SPF in place, emails sent by only officially authorized IP addresses and servers linked to your domain…

Foundational

4 ChatGPT and AI-based scams to be wary of in the second half of 2024

ByBrad Slavin August 16, 2024May 8, 2025 Reading Time: 4 minutes

We are more than halfway down in 2024, and the number of AI-based scams is not looking like it’s in the mood for dwindling anytime soon. Since the launch of ChatGPT in November 2022, AI-based threats have grown, especially in their speed, volume, and sophistication. In fact, the Q4 of 2022 saw an increase of…

Advanced

SPF for multi-domain environments: challenges and solutions

ByBrad Slavin August 13, 2024May 9, 2025 Reading Time: 4 minutes

Most large-scale businesses own multiple domains and subdomains, which are heavily used for sending emails. A multi-domain environment is more prone to email-based cyber threats. In fact, in a recent attack, malicious actors compromised more than 8,000 subdomains of top brands and institutions, including MSN, VMware, McAfee, The Economist, eBay, etc. While using multiple domains…

Foundational

Is the Microsoft Account Security Alert email a scam? How to differentiate between a genuine and fake alert email

ByBrad Slavin August 9, 2024May 8, 2025 Reading Time: 5 minutes

Have you been receiving security alert emails from Microsoft lately? Well, you are not alone! If, like most people, you are also concerned about the validity of such alerts, your apprehension is justified. Considering that all your email is the treasure trove for all the important and sensitive information, receiving a security alert from Microsoft…

Foundational

Threat actors are exploiting multiple SMTP servers and bypassing SPF, DKIM, and DMARC authentication

ByBrad Slavin August 7, 2024May 9, 2025 Reading Time: 3 minutes

Cybersecurity works only if there are no vulnerabilities in the tools and protocols themselves. However, experts have recently found security loopholes in multiple hosted, outbound SMTP servers. These vulnerabilities allow authenticated email senders and some trusted networks to send emails with spoofed sender information. What this means, in simpler words, is that despite having email…

Advanced

What is a secure email gateway?

ByBrad Slavin July 31, 2024January 16, 2025 Reading Time: 4 minutes

Secure email gateways, or SEGs for short, are email security solutions that have been proven effective in detecting and blocking phishing emails. If your email infrastructure is the castle gate of a kingdom, then your secure email gateway is a group of guards equipped with special skills to ward off invaders and unwanted guests (here,…

Advanced

Configuring SPF, DKIM, and DMARC for Brevo (formerly Sendinblue)

ByBrad Slavin July 30, 2024May 8, 2025 Reading Time: 3 minutes

Brevo is a digital marketing platform that caters to the marketing and communication needs of businesses. Its suite of tools and services includes email marketing, SMS marketing, marketing automation, CRM, landing pages, Facebook ads, and much more. If you use Brevo for email marketing, then deploying SPF, DKIM, and DMARC or making changes to the…

How threat actors managed to send millions of phishing emails from trusted domains- explaining echo-spoofing

Why subdomains should not inherit the SPF policy of the parent domain?

Spotting spoofed emails with DMARC: A guide

How to configure SPF to identify valid email sources for Microsoft 365 domains?

4 ChatGPT and AI-based scams to be wary of in the second half of 2024

SPF for multi-domain environments: challenges and solutions

Is the Microsoft Account Security Alert email a scam? How to differentiate between a genuine and fake alert email

Threat actors are exploiting multiple SMTP servers and bypassing SPF, DKIM, and DMARC authentication

What is a secure email gateway?

Configuring SPF, DKIM, and DMARC for Brevo (formerly Sendinblue)

ARTICLES

NAVIGATE

GET IN TOUCH

COMPLIANCES