1
Blog / Re: SCAM ALERT: VULNERABILITY REPORT- DMARC RECORD MISSING.
« Last post by kat on March 16, 2024, 03:08:16 PM »Another bug bounty scammer, this time with a LinkedIn profile (not shown) claiming to have found a domain vulnerability due to a missing DMARC record. The scam here is claiming a quarantine policy setting (intentionally set the way it is) as a missing DMARC record while including screenshots confirming the scams. In other words, someone knowledgeable of 'IT' and/or 'security' would know the difference, and what the report actually means.
Quote
From
Ali Azhar thewhitehat862@gmail.com
Subject
VULNERABILITY REPORT- DMARC RECORD MISSING.
Body
What Is DMARC:
There is an email spoofing vulnerability.Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a tactic used in phishing and spam campaigns because people are more likely to open an email when they think it has been sent by a legitimate source. The goal of email spoofing is to get recipients to open, and possibly even respond to, a solicitation.
How To Reproduce:
1.GO TO- https :// mxtoolbox.com/
2.ENTER THE WEBSITE ( https://www.katsbits.com/ ).CLICK GO.
3.YOU WILL SEE THE FAULT (No DMARC Record found)
4.In the new page that loads change MXLookup to DMARCLookup
POC-ATTACHED IMAGE
POC
Spammers can forge the "From" address on email messages to make messages appear to come from someone in your domain. If spammers use your domain to send spam or junk email, your domain quality is negatively affected. People who get the forged emails can mark them as spam or junk, which can impact authentic messages sent from your domain.
[signature image]