Guardio Labs has uncovered a phishing campaign that exploits a flaw in Proofpoint’s email protection service to mimic reputable brands. Attackers misconfigured Proofpoint’s permissions to send millions of phishing emails daily.
This exploit, known as EchoSpoofing, allowed phishing messages to pass through Microsoft Exchange and Proofpoint, appearing legitimate. The vulnerability arose because Proofpoint’s service acts as a firewall without proper SMTP protocol authentication, relying only on IP addresses.
This, coupled with improperly configured customer permissions, enabled the senders’ emails to bypass traditional email security measures, highlighting a significant gap in the current email authentication process.
Read more – Phishing Campaign Exploited Proofpoint Email Protections for Spoofing
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.