These emails echoed from official Proofpoint email relays with authenticated SPF and DKIM signatures, thus bypassing major security protections - all to deceive recipients and steal funds and credit card details.
The most unique and powerful part of this domain is the spoofing method - leaving almost no chance to realize this is not a genuine email sent from those companies.
This EchoSpoofing concept is really powerful. It's kind of strange it is being used for large-scale phishing like this instead of a boutique spear-phishing campaign.
Collection
[
|
...
]