Security News > 2020 > December > HMRC phishing scam abuses mail service to bypass spam filters
2020-12-02 17:10
Threat actors are exploiting legitimate SendGrid mailing service to spoof HMRC phishing emails that bypass spam filters.
Email delivery service abused for spoofing HMRC emails.
While SendGrid is itself a legitimate service, threat actors have been abusing some of its features to bypass spam filters and email security products.
A security researcher known as TheAnalyst shared information with BleepingComputer about an ongoing HMRC phishing campaign that uses SendGrid to bypass spam filters.
The actual phishing webpages linked to in the email imitate the HMRC and GOV.UK design.