Security News > 2023 > September > Email forwarding flaws enable attackers to impersonate high-profile domains

Sending an email with a forged address is easier than previously thought, due to flaws in the process that allows email forwarding, according to a research team led by computer scientists at the University of California San Diego.

It's called forwarding-based spoofing, and researchers found that they can send email messages impersonating these organizations, bypassing the safeguards deployed by email providers such as Gmail and Outlook.

The original protocol used to check the authenticity of an email implicitly assumes that each organization operates its mailing infrastructure with specific IP addresses not used by other domains.

As a result, thousands of domains have delegated the right to send email on their behalf to the same third party.

While these third-party providers validate that their users only send email on behalf of domains that they operate, this protection can be bypassed by email forwarding.

They tested their attacks on 14 email providers, which are used by 46% of the most popular internet domains and government domains.

News URL

https://www.helpnetsecurity.com/2023/09/11/email-forwarding-flaws/