A flaw in Proofpoint's anti-phishing platform allowed a hacker to send millions of spam emails

A flaw in Proofpoint's anti-phishing platform allowed a hacker to send millions of spam emails

Briefly

The root cause is a modifiable email routing configuration feature on Proofpoint servers, allowing unauthorized relay of organizations' outbound messages without specifying restrictions.

ITProhttps://www.itpro.com/security/a-flaw-in-proofpoints-anti-phishing-platform-allowed-a-hacker-to-send-millions-of-spam-emails

Guardio Labs estimated that cyber criminals could have sent an approximate average of three million phishing emails daily, with record numbers hitting 14 million.

ITProhttps://www.itpro.com/security/a-flaw-in-proofpoints-anti-phishing-platform-allowed-a-hacker-to-send-millions-of-spam-emails

Fake emails sent during the phishing campaign were effectively signed, utilizing legitimate SPF and DKIM signatures from big-name clients like Disney and Coca-Cola.

ITProhttps://www.itpro.com/security/a-flaw-in-proofpoints-anti-phishing-platform-allowed-a-hacker-to-send-millions-of-spam-emails

Proofpoint's platform was labeled as the enabler of the phishing campaign, with malicious emails sent from Proofpoint servers directly to target customers.

ITProhttps://www.itpro.com/security/a-flaw-in-proofpoints-anti-phishing-platform-allowed-a-hacker-to-send-millions-of-spam-emails