Avanan’s research on hackers manipulating Google’s SMTP relay service was featured in BetaNews. In the blog, Avanan describes that hackers manipulate Gmail’s service by sending spoofed messages to users. The attack has succeeded for those who lack DMARC policy configured with ‘reject detection’ for their email domains. As BetaNews writes:
Google was notified of the flaw on April 23rd. Meantime to guard against attacks it's recommended to check the sender address before interacting with any email, use an email security solution that uses multiple indicators to determine if a message is malicious, and always hover over any links to see the destination URL before clicking on it.
Read more here.
