Spoofed Phishing – Mailsploit

December 16, 2017
phishing prevention

The Perfect Email Disguise

Whenever criminals want to trick someone online they usually fake an identity, and spoofing an email address is the oldest trick in the book. Phishing, the never-ending technique of extracting information, has been coupled with spoofed email to send out almost perfectly crafted messages that trick someone into clicking a link or another object inside an email, or into handing over information that should never be requested by email. It is fairly easy to spot fake email addresses, especially for someone who knows which domains and addresses messages normally come from. Those who are a bit more advanced and can check email headers have a good phishing prevention method, but nobody is safe anymore because spoofed emails have evolved.


Visually Perfect Spoof

Now we have Mailsploit, which forges visually perfect email spoofs: the displayed domain name can be changed to anything an attacker wants, such as something that looks "official" or sounds authoritative. The exploit was revealed by security researcher Sabri Haddouche, who described it as a combination of methods that spoof many common email clients, including Microsoft Outlook 2016, Microsoft Mail, Apple Mail for macOS and iOS, and a long list of less popular email clients.
This means that phishing and socially engineered emails will become more rampant if this remains unattended.
There is a test site where you can experiment with Mailsploit; see the image for reference:

[Image: spoofed phishing test site - iZOOlogic]

You can find this at www(dot)mailsploit(dot)com
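The post does not spell out how these spoofs are built; in Haddouche's public disclosure they rely on RFC 2047 encoded words in the From header that decode to control characters (null bytes, line breaks) or to a second address, which many clients then render as the sender. As an added example that is not part of the original post, here is a small Python check that reads the real address from the still-encoded header, decodes the display name the way a client would, and flags content that should not be there; the sample headers and the example.* domains are constructed.

```python
import email.header
import email.utils
import re

# Assumption (mine, not the article's): a decoded display name should never
# contain control characters or a second e-mail address; both are signs that
# the header was built to make the client display one sender while the
# message actually arrives from another.
CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")
EMBEDDED_ADDRESS = re.compile(r"[^\s@<>]+@[^\s@<>]+")


def decode_encoded_words(value):
    """Decode every RFC 2047 encoded word in a header value into one str."""
    parts = []
    for chunk, charset in email.header.decode_header(value):
        if isinstance(chunk, bytes):
            try:  # an unknown or bogus charset must not crash the check
                chunk = chunk.decode(charset or "ascii", errors="replace")
            except LookupError:
                chunk = chunk.decode("latin-1")
        parts.append(chunk)
    return "".join(parts)


def inspect_from_header(raw_from):
    """Return (display_name, address, findings) for a raw From: value.

    The address is split off before decoding, so it is the one the message
    really came from; only afterwards is the display name decoded and checked.
    """
    encoded_name, address = email.utils.parseaddr(raw_from)
    display_name = decode_encoded_words(encoded_name)
    findings = []
    if CONTROL_CHARS.search(display_name):
        findings.append("control-char-in-display-name")
    if EMBEDDED_ADDRESS.search(display_name):
        findings.append("address-in-display-name")
    return display_name, address, findings


# Constructed sample headers: an ordinary encoded sender, and one carrying an
# address plus a NUL inside the encoded word, as in the disclosed bugs.
SAMPLE_HEADERS = [
    "=?utf-8?Q?Alice_Example?= <alice@example.com>",
    "=?utf-8?Q?support=40bank.example=00?= <mailbox@example.net>",
]

if __name__ == "__main__":
    for raw in SAMPLE_HEADERS:
        name, addr, findings = inspect_from_header(raw)
        print("SUSPICIOUS" if findings else "ok", repr(addr), repr(name), findings)
```

Running it marks the second header as suspicious on both counts while the first passes clean; the same function can be pointed at From headers pulled from a mail store or gateway log.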

Patches in Progress

Fortunately, Haddouche contacted the affected email service providers to warn them about Mailsploit. Some providers said they have fixed the bugs, others said their products are not affected, and some would not bother to fix it at all, saying the problem is server-side.

While email clients were patched, do take note that webmail-based email services are still affected, something I personally tried. Those who use webmail will most likely be the victims of Mailsploit phishing attacks. It seems a personal phishing prevention measure would be to opt for a secured email client.

For those using email clients, it is best to keep your software updated and upgrade to the latest version. As an anti-phishing and anti-spam precaution, install security plugins in your email client if it supports them.

Before we end this article I will share a Mailsploit test sent to my personal webmail. See the image below.

[Image: spoofed phishing test received in webmail - iZOOlogic]

Imagine receiving an email from someone that important.

Anyone can be spoofed with this array of methods, so be extra careful. When in doubt about an email you receive, you can tap your phishing intelligence experts for their opinion.

