Skip to main content

Search

Items tagged with: spoofing


Interesting. Hackers are mistaking Mastodon user profile account addresses for email addresses and sending fake roundcube phishing emails to the few accounts I have on my self-hosted instance in hopes of getting credentials.

"Roundcube Found Several Undelivered Messages"

I only received it because my domain has catch-all email turned on that will forward any email for email accounts that don't exist to a special email address.

The emails come from "Restoredesk.oldfriends.live <info@ecmtincinc.live>", pass spf and ip 79.141.160.47. Link below, which is Dropbox owned "DocSendDotCom"

Be careful if you host your own instance and have catch-all email setup and this slips past your little grey cells.

#Infosec #Spam #Phishing #Spoofing #MastoAdmin