Spam campaign impersonating us targets T-Online users in Germany
Briefly

"The spammers are spoofing our email address - this means they are falsely setting GSMArena.com as the sender of the email. Specifically, it looks like the email came from tpjdlgcj@gsmarena.com, but that's not an active account on our server (that random jumble of letters is clearly randomly generated). Instead the emails are coming from a server owned by Microsoft (52.103.140.27) and one owned by Oracle (92.5.13.127), neither of which is part of our infrastructure."
"There are established tools to fight the domain spoofing that the spammers are using. Without getting into too many technical details, a reverse DNS check will discover that the sender's IP address does not match the GSMArena.com IP address, which is a major red flag. Additional tools like SPF, DKIM and DMARC can similarly identify spam email that employs spoofing."
"On our end, we have set our SPF policy to "hardfail", which will tell email providers to block emails that did not originate from our servers. If you have received a spam email like the ones seen above, you should contact your email provider's support team and tell them about the issue."
GSMArena clarifies that spam emails appearing to originate from their domain are fraudulent. Spammers are spoofing the GSMArena.com email address, using randomly generated account names like tpjdlgcj@gsmarena.com, which is not an active account. The actual emails originate from cloud servers owned by Microsoft and Oracle. GSMArena advises users who receive these emails to contact their email provider's support team. The company is implementing technical defenses including SPF hardfail policy, DKIM, and DMARC authentication to prevent future spoofing. Email providers should use reverse DNS checks and authentication tools to identify and block such fraudulent emails.
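How a receiving mail server reaches the "hardfail" verdict for the two sending IPs named above can be shown with a small offline SPF evaluator. This is an added example, not code from GSMArena or this page; the SPF records are constructed for illustration (203.0.113.0/24 is a documentation range standing in for the legitimate mail servers, not GSMArena's real infrastructure), and only the `ip4`, `ip6` and `all` mechanisms are handled.

```python
import ipaddress

# Constructed records for illustration; NOT GSMArena's published SPF policy.
HARDFAIL_SPF = "v=spf1 ip4:203.0.113.0/24 -all"   # "-all": reject everything else
SOFTFAIL_SPF = "v=spf1 ip4:203.0.113.0/24 ~all"   # "~all": accept but mark suspicious

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def evaluate_spf(record: str, sender_ip: str) -> str:
    """Evaluate an SPF record left to right (offline subset of RFC 7208)."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"                      # no usable SPF policy
    ip = ipaddress.ip_address(sender_ip)
    for term in terms[1:]:
        qualifier = "+"                    # default qualifier is "pass"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        name = name.lower()
        if name == "all":                  # catch-all: always matches
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            try:
                net = ipaddress.ip_network(value, strict=False)
            except ValueError:
                return "permerror"         # malformed network in the record
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
            continue
        # a, mx, include, redirect=... need DNS lookups; out of scope here
        raise NotImplementedError(f"term {term!r} is not handled offline")
    return "neutral"                       # nothing matched and no "all" term


def classify(record: str, ips: list[str]) -> dict[str, str]:
    """Map each connecting IP to its SPF result under the given record."""
    return {ip: evaluate_spf(record, ip) for ip in ips}


if __name__ == "__main__":
    # The first two IPs are the sending servers named in the post.
    seen = ["52.103.140.27", "92.5.13.127", "203.0.113.25"]
    for label, rec in (("hardfail", HARDFAIL_SPF), ("softfail", SOFTFAIL_SPF)):
        print(label, classify(rec, seen))
```

Under the `-all` record both cloud IPs evaluate to `fail`, which is the result a receiver can act on by rejecting the message; under `~all` the same messages only get `softfail`.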
Read at GSMArena.com