Cybercriminals have exploited a flaw in Proofpoint’s email relay servers to send millions of phishing emails. The phishing campaign, known as “EchoSpoofing”, began in January 2024 and was sending out an average of three million emails daily, peaking at 14 million emails in early June. The emails were properly DKIM signed and SPF approved, making them appear legitimate to recipients.
The phishing emails were spoofed to look like they were coming from well-known companies like Disney, IBM, Nike, Best Buy, and Coca-Cola, all of which are Proofpoint’s customers. Despite the authentication, major email platforms like Gmail failed to flag these emails as spam, allowing them to bypass security protections and land directly in recipients’ inboxes. The goal of these emails was to deceive recipients into providing payment and personally identifiable information.
Guardio Labs, the researchers who uncovered the campaign, noted that the emails scared victims with fake account expirations, payment requests, and renewal notices. Proofpoint has been monitoring the situation since March 2024 and has provided new settings and advice on preventing such attacks in the future. They have also offered a detailed guide on adding anti-spoof checks.
In response to this security breach, it is crucial for individuals and businesses to remain vigilant and ensure they have strong email security measures in place. Implementing anti-spoofing checks and staying informed about the latest cybersecurity threats are essential steps in protecting against phishing attacks.
Sead, a freelance journalist based in Sarajevo, Bosnia and Herzegovina, with expertise in IT and cybersecurity, emphasizes the importance of staying informed about evolving cyber threats. With over a decade of experience in journalism, Sead has provided valuable insights into various technological topics, including cloud computing, IoT, and ransomware. By remaining proactive and knowledgeable about cybersecurity issues, individuals and organizations can better safeguard their sensitive information and prevent falling victim to phishing scams.
