As discussed over Telegram, please find the vulnerability details below:
Vulnerability: Email Spoofing Leads to Financial and Reputation/Trust Loss
Description: It was observed that the domain is configured with a hardfail SPF record to protect against email spoofing, but SPF is not a foolproof solution and requires a DMARC record to protect against email spoofing. At present the domain is lacking a DMARC record, which means an attacker can spoof ANY email.
For testing, I spoofed [email protected]
Vulnerable Application/Domain: fusion.org
Severity: High, easy to exploit
Impact: This allows an adversary to spoof an email asking the user to perform sensitive actions such as password theft, fraudulent money transactions, promotions, KYC document submission, etc.
An attacker can also spoof the CEO's email ID and perform malicious actions. An attacker can use any scenario :)
Screenshots: Attached; they show the email spoofed WITHOUT spelling mistakes, which means even educated users will trust this email.
Fix: Generate a DMARC record (p=reject) and then follow the steps below:
A) If you have direct access to manage DNS for your domain through an online DNS administration tool, look for a section to publish a TXT record or a section specific to DMARC records.
B) If you have access to manage DNS for your domain through a web hosting online administrative interface, look for DNS Settings and a place to enter a TXT record or a DMARC record.
C) If your company manages its DNS internally, you may need to submit a request to publish the DNS record through your company's DNS management team.
D) If a third party hosts DNS for your domain, you may need to submit a ticket with them to update the domain's DNS settings.
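The check a defender would run before and after publishing the record, as an added example that is not part of the reporter's submission or the project's code: it parses SPF and DMARC TXT records and flags exactly the state the report describes (hardfail SPF present, no `_dmarc` record, or a DMARC policy weaker than `p=reject`). The TXT data below is constructed sample data under hypothetical domain names, not fusion.org's real DNS; the `txt_lookup` dictionary stands in for a live resolver so the script runs offline.

```python
import re
from typing import Dict, List, Optional

# Constructed sample TXT records (hypothetical domains, not real DNS data).
# "example.test" mirrors the reported state: hardfail SPF but no DMARC record.
SAMPLE_TXT: Dict[str, List[str]] = {
    "example.test": ["v=spf1 include:_spf.mailprovider.example -all"],
    "_dmarc.example.test": [],
    "hardened.test": ["v=spf1 include:_spf.mailprovider.example -all"],
    "_dmarc.hardened.test": [
        "v=DMARC1; p=reject; rua=mailto:dmarc-reports@hardened.test; adkim=s; aspf=s"
    ],
    "monitoring.test": ["v=spf1 ~all"],
    "_dmarc.monitoring.test": ["v=DMARC1; p=none; rua=mailto:dmarc@monitoring.test"],
}


def parse_dmarc(record: str) -> Optional[Dict[str, str]]:
    """Split a 'tag=value; tag=value' DMARC record into a dict.

    Returns None when the TXT record is not a DMARC record (no v=DMARC1),
    so unrelated TXT records published at _dmarc.<domain> are ignored.
    """
    tags: Dict[str, str] = {}
    for part in record.split(";"):
        part = part.strip()
        if not part or "=" not in part:
            continue
        key, value = part.split("=", 1)
        tags[key.strip().lower()] = value.strip()
    if tags.get("v", "").upper() != "DMARC1":
        return None
    return tags


def spf_policy(record: str) -> str:
    """Return the qualifier of the SPF 'all' mechanism as a human-readable label."""
    match = re.search(r"(?:^|\s)([-~?+]?)all(?:\s|$)", record)
    if not match:
        return "none"   # no 'all' mechanism: unlisted senders get an implicit neutral
    return {"-": "hardfail", "~": "softfail", "?": "neutral", "": "pass", "+": "pass"}[match.group(1)]


def assess(domain: str, txt_lookup: Dict[str, List[str]]) -> Dict[str, object]:
    """Evaluate SPF and DMARC posture for a domain from its TXT records."""
    spf_records = [r for r in txt_lookup.get(domain, []) if r.lower().startswith("v=spf1")]
    dmarc_records = [t for r in txt_lookup.get(f"_dmarc.{domain}", []) if (t := parse_dmarc(r))]

    spf = spf_policy(spf_records[0]) if spf_records else "missing"
    if not dmarc_records:
        dmarc = "missing"
    elif len(dmarc_records) > 1:
        # RFC 7489 section 6.6.3: more than one DMARC record means receivers apply none.
        dmarc = "invalid"
    else:
        dmarc = dmarc_records[0].get("p", "none").lower()

    findings: List[str] = []
    if spf == "missing":
        findings.append("no SPF record published")
    if dmarc == "missing":
        findings.append("no DMARC record: the From: header domain is not policed even with hardfail SPF")
    elif dmarc == "invalid":
        findings.append("multiple DMARC records: receivers treat this as no policy")
    elif dmarc != "reject":
        findings.append(f"DMARC p={dmarc} does not reject spoofed mail; move to p=reject once reports are clean")

    return {"domain": domain, "spf": spf, "dmarc_policy": dmarc, "findings": findings}


if __name__ == "__main__":
    for name in ("example.test", "monitoring.test", "hardened.test"):
        result = assess(name, SAMPLE_TXT)
        print(f"{name}: spf={result['spf']} dmarc={result['dmarc_policy']}")
        for finding in result["findings"]:
            print(f"  - {finding}")
```

To run this against a real domain, replace the dictionary with a resolver lookup such as dnspython's `dns.resolver.resolve(name, "TXT")` for both `<domain>` and `_dmarc.<domain>`, joining each answer's character strings into one record. Note that SPF alone only authenticates the envelope sender (MAIL FROM), which is why a hardfail SPF record does not stop a forged From: header; DMARC is what ties the visible From: domain to SPF or DKIM alignment, and the `rua` reporting address lets you watch for rejected spoofing attempts after the policy is live.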