MailSploit Allows Hackers to Perfectly Spoof EmailsFaking your identity is nothing new when it comes to the internet. Scammers, identity thefts, and cat fishers have been doing it for years. But thanks to a discovery made by Sabri Haddouche, we can now spot email fraudsters before they strike.
On Tuesday, cyber security researcher and programmer Haddouche revealed Mailsploit, a collection of bugs found in many popular email clients. Some of these clients include Yahoo Mail, Apple Mail, Mozilla's Thunderbird, Microsoft Outlook and many others.
By combining these bugs, cyber attackers were able to craft email headers that trick the client into bypassing spam filters like DMARC thus sending their malicious emails. This means Mailsploit was allowing attackers to send emails from seemingly trusted senders using any email address of their choice.
For example: let's say you recently subscribed to the "New York Times" and they were sending you weekly emails, Mailsploit could enable attackers to pose as an editor from the NYT and send you and email from the address editor@NYT.com. In these emails, they could ask for personal information or even embedded malware in the email that recipients could fall victim to. Email clients containing affected by Mailsploit would allow these emails to come through because they were from a trusted domain.
While only a handful of these clients have successfully removed Mailsploit, and many others are still trying to work on a solution, Mailsploit makes spotting these emails almost undetectable. However, Synametrics Technologies has developed a solution with the latest update of Xeams. Xeams allows users to create custom filters to stop spam from coming into their inbox. In this update, a new custom filter has been created to detect these bugs and prevent Mailsploit emails from coming through to your inbox.
If you are currently using Xeams, we strongly recommend updating to the newest version to protect yourself from Mailsploiting. If you are not using Xeams and are worried you may be affected by Mailsploiting or any harmful spam emails licenses for Xeams start at just $20 per year.
If you have any additional questions about Mailsploit or Xeams, please contact our support team:
Phone - 609-750-0007
Email - firstname.lastname@example.org