V14 - Config
Email Spoofing to Inbox due to Missing or Misconfigured DMARC on Email Domain
POC
- The SPF and DMARC records of the target domain were checked with MxToolbox (https://mxtoolbox.com/SuperTool.aspx); the DMARC record for _dmarc.target.com was missing or non-enforcing, so receivers have no policy to apply to a spoofed From: header.
- The issue can be reproduced with any third-party tool that sends email with an arbitrary From: address; for this demo https://emkei.cz/ was used.
- Open the site https://emkei.cz/
- Fill in the form, setting the From email to admin@target.com. The To email can be any mailbox you control.
- Type the message body and click Send.
- When the message arrives, note that it lands in the inbox rather than spam and shows the From address as admin@target.com, which looks legitimate to the recipient.
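The following script is an added example, not part of the original finding or of any tool named above. It performs the record check from the first step offline: given the TXT records of the domain and of its _dmarc subdomain (in practice obtained with `dig +short TXT target.com` and `dig +short TXT _dmarc.target.com`), it parses the SPF "all" qualifier and the DMARC p= and pct= tags and reports whether a From: header spoof is expected to reach the inbox. The sample records are constructed for illustration and are not real DNS data for any domain.

```python
"""Assess whether a domain's SPF/DMARC posture leaves it open to From: header spoofing.

Added example for this finding; the sample records below are constructed, not live DNS data.
"""
from __future__ import annotations

import re
from dataclasses import dataclass, field


@dataclass
class SpoofAssessment:
    spf_record: str | None
    dmarc_record: str | None
    spf_all: str | None        # "-all", "~all", "?all", "+all", or None when absent
    dmarc_policy: str | None   # "none", "quarantine", "reject", or None when absent
    dmarc_pct: int             # share of messages the DMARC policy applies to (default 100)
    spoofable: bool            # True when a spoofed From: is expected to reach the inbox
    reasons: list = field(default_factory=list)


def find_record(txt_records, prefix):
    """Return the first TXT record starting with prefix (case-insensitive), else None."""
    for rec in txt_records:
        if rec.strip().lower().startswith(prefix):
            return rec.strip()
    return None


def parse_tags(record):
    """Split a 'k=v; k=v' DMARC record into a dict of lowercase tag -> value."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def spf_all_mechanism(spf_record):
    """Return the SPF 'all' mechanism with its qualifier (e.g. '-all'); None if absent."""
    match = re.search(r"(?:^|\s)([+\-~?]?)all(?:\s|$)", spf_record, re.IGNORECASE)
    if not match:
        return None
    return (match.group(1) or "+") + "all"   # no qualifier means '+' (pass) per SPF syntax


def assess(domain_txt, dmarc_txt):
    """domain_txt: TXT records of target.com; dmarc_txt: TXT records of _dmarc.target.com."""
    spf = find_record(domain_txt, "v=spf1")
    dmarc = find_record(dmarc_txt, "v=dmarc1")
    reasons = []

    # SPF only constrains the envelope sender (MAIL FROM); it says nothing about the
    # From: header the recipient sees unless DMARC enforces alignment between the two.
    spf_all = spf_all_mechanism(spf) if spf else None
    if spf is None:
        reasons.append("no SPF record")
    elif spf_all in (None, "+all", "?all"):
        reasons.append(f"SPF does not fail unauthorised senders ({spf_all or 'no all mechanism'})")
    elif spf_all == "~all":
        reasons.append("SPF softfail (~all): unauthorised senders are only marked, not rejected")

    policy, pct = None, 100
    if dmarc is None:
        reasons.append("no DMARC record: receivers do not tie SPF/DKIM results to the From: header")
        spoofable = True
    else:
        tags = parse_tags(dmarc)
        policy = tags.get("p", "").lower() or None
        try:
            pct = int(tags.get("pct", "100"))
        except ValueError:
            pct = 100
        if policy not in ("quarantine", "reject"):
            reasons.append(f"DMARC policy p={policy or 'missing'} is monitor-only and does not enforce")
            spoofable = True
        elif pct < 100:
            reasons.append(f"DMARC p={policy} is applied to only pct={pct} of messages")
            spoofable = True
        else:
            spoofable = False

    return SpoofAssessment(spf, dmarc, spf_all, policy, pct, spoofable, reasons)


# Constructed sample records (not real DNS data) covering the postures relevant to this finding.
SAMPLES = {
    "spf-only": (["v=spf1 include:_spf.example.net -all"], []),
    "dmarc-none": (["v=spf1 include:_spf.example.net ~all"],
                   ["v=DMARC1; p=none; rua=mailto:dmarc@target.com"]),
    "dmarc-reject": (["v=spf1 include:_spf.example.net -all"],
                     ["v=DMARC1; p=reject; rua=mailto:dmarc@target.com"]),
    "dmarc-partial": (["v=spf1 -all"], ["v=DMARC1; p=quarantine; pct=50"]),
}

if __name__ == "__main__":
    for name, (domain_txt, dmarc_txt) in SAMPLES.items():
        result = assess(domain_txt, dmarc_txt)
        print(f"{name}: spoofable={result.spoofable}; " + "; ".join(result.reasons))
```

The "spf-only" case is the one this finding describes: a strict SPF record on its own does not stop the spoof, because the attacker controls the envelope sender and SPF never inspects the From: header. Only a DMARC record with p=quarantine or p=reject (and pct=100) makes the receiver act on the mismatch, which is the remediation to recommend.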
Impact
Low
Likelihood
Low