Cybersecurity experts were surprised to uncover the ‘SubdoMailing’ scheme, which used over 8,000 subdomains of famous brands’ websites to fool security systems and deliver dangerous emails to people’s inboxes without the recipients realizing it.
SubdoMailing abuses the names of famous brands such as MSN, VMware and McAfee to trick people. By controlling subdomains of these brands, attackers could send large volumes of spam and harmful email that slipped past regular security checks.
One worrying part of this scheme is how it tricks people into clicking on dangerous links. For example, emails that look like pictures were found, which the attackers used to get past filters that check emails for bad words. Upon clicking, recipients would be redirected through a series of domains, tailored to their device type and location, ultimately leading to content aimed at maximizing profit for the cybercriminals.
Nati Tal, who leads Guardio Labs, rightly called this scheme powerful, showing how much money and effort went into it. Moreover, experts like Robert Duncan from Netcraft emphasize that hijacking subdomains is just one tactic in the arsenal of cybercriminals aiming to breach email security.
Duncan mentions that cybercriminals also use QR codes, legitimate email services and other tricks. Email authentication standards such as SPF, DKIM and DMARC exist, but setting them up is hard work and needs careful attention to stop attackers from taking advantage.
Patrick Harr, the head of SlashNext, says not to trust familiar websites too much. He found lots of sneaky parts within them. Harr thinks smart AI technology is needed to spot these hidden dangers on real websites.
Gmail and Yahoo are making it harder for emails to get through if they are not from trusted sources. This means companies need to stay alert and update their security rules often.