3rd Party Risk Management , Account Takeover Fraud , Business Email Compromise (BEC)
Fraudsters Have Been Using SMTP Multipass Flaw for Business Email Compromise Schemes Mathew J. Schwartz (euroinfosec) • November 5, 2020 Inside Rackspace's cybersecurity operations center (Photo: Rackspace)Attackers have been actively exploiting a flaw in Rackspace's hosted email service to send phishing emails, bearing legitimate and validated domain names, as part of business email compromise scams.
See Also: Webinar | Mainframe Security For Today's Crazy World!
So warns 7 Elements, an IT security testing consultancy based in Edinburgh, Scotland, which says that attackers have been using what it's dubbed as an "SMTP Multipass" attack - SMTP refers to simple mail transfer protocol - since it's designed to subvert multiple accounts and bypass DNS-based defenses against spoofed emails. All organizations that use Rackspace's hosted email services appear to have been vulnerable to having their email domains get misused in this manner.
7 Elements says one of its clients was targeted using the attack, as part of a BEC scheme - aka CEO fraud effort - in July, after which it reported the problem directly to Rackspace.
Texas-based Rackspace is the world's largest managed cloud provider, and provides access to such cloud offerings as Amazon Web Services, Microsoft Azure and OpenStack.
The company has told at least some customers, including Information Secu ..
Support the originator by clicking the read the rest link below.
