Our IT consultants are currently looking into this matter.įurther to the earlier email about the phishing email that looks to be issued from ********, we regret to inform you that we have confirmed that our email has been compromised and the link contained in that email is malicious.
We have been made aware that ******** members have received FAKE email that appears to have been issued by us.
Lo and behold, today HR manager gets this e-mail: So we e-mailed the SPF change to our contact at the web host and CC'd the Org to get their approval for the change. While we waited we noticed that they happen to use the same web host as we do and that web host also controls their DNS. We again explain why and re-send my how-to. Radio silence for a few weeks until HR manager gets another e-mail from them saying that we are still bouncing their e-mails and why haven't we whitelisted yet. So, feeling generous, I created a nice little how-to including their current SPF record, and link to the Constant Contact's KB article regarding their service and SPF records. I looked a little bit deeper and could see that they were using Constant Contact to send their newsletters but they didn't have Constant Contact added to their SPF record. and got a snarky "well, everyone else just adds us to the whitelist I don't know why you can't" reply.
Being a competent sysadmin, I refused and explained that it would open us up to accepting spoofed e-mails from their domain which would likely contain malware. The e-mail instructed all recipients to forward this to your IT departments to have them whitelist their domain in your spam and malware filters so that their e-mail newsletters don't get blocked. At the end of last year our HR manager forwarded us an e-mail from an HR group they belong to.
0 kommentar(er)
