Post Axrk5RDc3py3gx4DBI by dragonfrog@mastodon.sdf.org
       Post #AxrgIx56VWw6SbH8XQ by stefano@mastodon.bsd.cafe
       2025-09-04T13:51:47Z
       
       1 likes, 0 repeats
       
       I saw something disturbing this morning. One of my clients showed me an email. They use Gmail for their emails (on their own domain) and download them locally. The email officially came from their company president, giving the purchasing department orders to immediately pay an invoice of around €20,000 to a new supplier in the UK. It included all the details and had the invoice attached as a PDF.
       
       The worrying part is that the style and tone of the writing were exactly like their president's. However, the sender's address, while using the correct name, was a generic Gmail account. This immediately raised a red flag for the purchasing department, and they didn't fall for it. It was also easy for them to check because the president was in their office at that very moment.
       
       Looking at the sender's address, it would have been simple for anyone to figure out what was happening, but many people don't. The accuracy with which they (likely using an LLM) recreated the president's writing style is truly concerning.
       
       #Scam #Spam #FakeSender
       
       Post #AxrgIyR7TA8mfAaEUa by nicholas@aklp.club
       2025-09-04T14:10:22.280226Z
       
       0 likes, 0 repeats
       
       There is a relatively new feature in enterprise mail servers called impersonation protection that blocks mail where the from name matches your users' but the email is an external domain.
       
       Post #AxrjbMKXfeMNqMxuYS by xinqu@mastodon.bsd.cafe
       2025-09-04T14:28:48Z
       
       1 likes, 0 repeats
       
       @stefano I'm frustrated because a solution to this problem has existed for decades - its name is #PGP. Although it has its disadvantages and problems and is of course not bulletproof, I wonder why nobody was able to design a GUI that is usable for most users with a few hours of training. You only need to understand 5 % of PGP to be able to use it.
       
       I think convenience and lack of interest (until it's too late) are the main obstacles.
       
       Post #Axrk5RDc3py3gx4DBI by dragonfrog@mastodon.sdf.org
       2025-09-04T14:22:52Z
       
       0 likes, 0 repeats
       
       @nicholas @stefano unfortunately my organisation can't really use it. We're a big enough organisation that if you make up ten random realistic-sounding European-language names, we probably have employees with one or two of those names. A significant portion of our employees have a number appended to their email address because someone else with the same name already worked there before them.
       
       And our mandate is such that we can't block random people from emailing us.
       
       Post #Axrk5SKjupGL9LPPvc by nicholas@aklp.club
       2025-09-04T14:52:47.269929Z
       
       0 likes, 0 repeats
       
       It's set up per-user and intended to be used only for people with particular risk of being impersonated, typically C-suite and finance-manager type positions. It is also possible to whitelist addresses for legitimate external folks with the same names, or, e.g. (real example), the CEO often actually sends business emails from her personal me.com address.
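The per-user display-name check nicholas describes (a protected name on an external domain is blocked unless the address is allowlisted), written as an added Python example that is not part of the thread or of any vendor's product; the internal domain, protected names and sample messages are constructed.

```python
"""Display-name impersonation check for inbound mail.

Flags mail whose From display name matches a protected user's name while the
address sits on an external domain, with a per-user allowlist for legitimate
external addresses (e.g. an executive's personal account). All names, domains
and messages below are constructed for illustration.
"""
from email import message_from_string
from email.utils import parseaddr
import unicodedata

INTERNAL_DOMAINS = {"example.com"}  # constructed: the organisation's own domain

# Per-user rules: only high-risk people are listed (C-suite, finance), and each
# entry allowlists external addresses that person legitimately sends from.
PROTECTED = {
    "jane doe": {"jane.doe@me.com"},  # constructed: CEO, personal account allowed
    "john smith": set(),              # constructed: finance manager, no exceptions
}


def normalize_name(name: str) -> str:
    """Fold case, strip accents and quotes, collapse whitespace so
    '"JANÉ  Doe"' and 'jane doe' compare equal."""
    decomposed = unicodedata.normalize("NFKD", name)
    plain = "".join(ch for ch in decomposed if not unicodedata.combining(ch))
    return " ".join(plain.replace('"', "").lower().split())


def check_from_header(raw_message: str) -> str:
    """Classify one RFC 5322 message as 'allow', 'allowlisted' or 'block'."""
    msg = message_from_string(raw_message)
    display_name, address = parseaddr(msg.get("From", ""))
    address = address.lower()
    domain = address.rpartition("@")[2]
    if domain in INTERNAL_DOMAINS:
        return "allow"          # internal sender: handled by SPF/DKIM, not here
    name = normalize_name(display_name)
    if name not in PROTECTED:
        return "allow"          # rule is per-user; other names are untouched
    if address in PROTECTED[name]:
        return "allowlisted"    # known legitimate external address for this user
    return "block"              # protected name on an external domain


if __name__ == "__main__":
    sample = "From: Jane Doe <jane.doe@gmail.com>\nSubject: Urgent invoice\n\nPay now.\n"
    print(check_from_header(sample))  # constructed lookalike message
```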
       
       Post #AxrkDuLvcnZ6MlzlWy by ricardo@mastodon.bsd.cafe
       2025-09-04T14:39:14Z
       
       1 likes, 0 repeats
       
       @dragonfrog I believe @nicholas is talking about a server-side check that compares the email's envelope sender against the From header.
       
       This is nice, but a capable email client should also be able to display or list both fields. @stefano
       
       Post #AxrkDvNNosK5XZgRRA by nicholas@aklp.club
       2025-09-04T14:54:16.007874Z
       
       0 likes, 0 repeats
       
       I will never understand why hiding header info became standard. Who could have possibly thought that was a good idea? 🤦‍♀️
       
       Post #AxsNFkA0O3EDXyHhKa by dragonfrog@mastodon.sdf.org
       2025-09-04T16:39:22Z
       
       1 likes, 0 repeats
       
       @nicholas @stefano Even with a limited scope, we cannot block someone from sending emails to our organisation just because they happen to have the same name as a C-level executive. That would risk depriving them of an essential service.
       
       Also, the CEO sending business emails from a personal email address would potentially create an embarrassing public scandal that would likely get the CEO fired and be career-limiting for whoever approved such an exception.