Into the Inbox: Novel Email Spoofing Attack Patterns
Unknown
Black Hat USA 2024 · Day 1 · Briefing
In "Into the Inbox: Novel Email Spoofing Attack Patterns," Caleb Sergeant and Hao Wang of PayPal unveiled their groundbreaking research into new methods of email spoofing that have far-reaching implications for digital security. Their work, which culminated in the discovery of several CVEs, exposed vulnerabilities impacting over 20 million domains globally. The presentation highlighted how attackers can bypass common email authentication mechanisms like SPF, DKIM, and DMARC by exploiting subtle misconfigurations and design choices within email infrastructure.