Yang Ming’s notice:
Recently YM is under forged email threaten. The attacker’s purpose is to deceive the employees or customers in order to steal money or information. Therefore, please kindly pay attention to below information.
Briefly described, spoofing attacks include:
1. Envelope From abuse: Making the domain in the sender’s Mail From value (also referred to as “Envelope From”) the same as the recipient’s domain. This paper uses the terms “Mail From” and “Envelope From” interchangeably.
2. From header abuse: Using a legitimate domain for the sender’s Envelope From value but using a fraudulent From header.
3. Cousin domain abuse: Sending email from cousin domains that pass Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-Based Message Authentication, Reporting, and Conformance (DMARC) checks. The From value will show a similar sender address that impersonates a real one (for example, using alice@yangming.com to impersonate alice@yongming.com).
4. Free email account abuse: Using free email (Yahoo, Gmail, etc.) that pass SPF, DKIM and DMARC checks. The From header will show a legitimate sender address with an executive’s name@gmail.com.
To avoid any loss and misunderstanding. Any change about order or money information, please double check.
