this post was submitted on 26 Jul 2025
7 points (70.6% liked)

Privacy

6825 readers
51 users here now

A community for Lemmy users interested in privacy

Rules:

  1. Be civil
  2. No spam posting
  3. Keep posts on-topic
  4. No trolling

founded 2 years ago
MODERATORS
iopq@lemmy.world
7
Google Spoofed Via DKIM Replay Attack | EasyDMARC (easydmarc.com)
submitted 1 week ago by Der_Fossyler@feddit.org to c/privacy@lemmy.world
4 comments fedilink hide all child comments
top 4 comments
sorted by: hot top controversial new old
[–] jlh@lemmy.jlh.name 6 points 1 week ago

it would be nice if people didn't use AI to write their articles.

[–] A_norny_mousse@feddit.org 6 points 1 week ago

I stopped reading when I realised the publisher is a company that sells a product that fixes the supposed problem.

Maybe this is a thing, maybe it isn't, but I don't have the resources to go on reading and analyze it.

[–] girsaysdoom@sh.itjust.works 1 points 1 week ago (1 children)

Even if they could reuse a DKIM hash on an email (pretty sure this is unique per email and would fail on a legitimate check), SPF would show its obviously not from Google. So just make sure your email server correctly handles DKIM verification and blocks SPF hard fails, and you're probably good against this.

[–] MysteriousSophon21@lemmy.world 2 points 5 days ago

SPF won't help here because the attack specifically uses legitimate sending infrastructure - they're forwarding through a compromised Google Workspace account so the SPF check passes, while reusing a valid DKIM signature from a diferent message.