Email From and ReplyTo Phishing
Please be careful to double check, when you reply to an email, that the Reply-To address is really the From address. Today a staff member replied to an email that appeared to come from one of our contacts. The actual reply we sent went to a server in Germany. The server had already been shut down and the email was not of importance; however, the attacker would have tried to establish a relationship with our staff member in order to obtain additional information.
From a technical standpoint, there is no way to protect against these attacks. Almost all mailing lists are set up with a From address that differs from the Reply-To, so if we created a block we would block Constant Contact and most newsletters, etc. We realize these are really tough, as most people do not check the reply address, including the IT department. The email itself will usually raise some type of red flag, as something will be amiss. If you are paying attention, you can clearly see, when you press Reply, that the To address does not match the From address.
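The check described above can be done by a script before a human reads the message: parse the From and Reply-To headers and report where a reply would actually be delivered. The following is an added example and is not code from the original post; the addresses and the two sample messages are constructed for illustration. It only flags a cross-domain Reply-To for review rather than blocking it, because, as noted, newsletters and list servers legitimately set a different Reply-To.

```python
# Added example (not from the original post): parse an email's From and
# Reply-To headers and flag messages whose reply would go somewhere other
# than the apparent sender. All addresses and messages below are constructed.
from email import policy
from email.parser import BytesParser
from email.utils import parseaddr


def extract_addresses(raw: bytes):
    """Return (from_addr, reply_to_addr) in lowercase; reply_to_addr is
    None when the header is absent (a reply then goes to From)."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    from_addr = parseaddr(str(msg.get("From", "")))[1].lower()
    reply_to = msg.get("Reply-To")
    reply_addr = parseaddr(str(reply_to))[1].lower() if reply_to else None
    return from_addr, reply_addr


def domain(addr: str) -> str:
    """Domain part of an address, or '' if there is no '@'."""
    return addr.rsplit("@", 1)[-1] if "@" in addr else ""


def check_reply_target(raw: bytes) -> dict:
    """Describe where a reply would really go and whether it leaves the
    sender's domain. A cross-domain Reply-To is a review flag, not proof
    of phishing: mailing lists and newsletters legitimately do this."""
    from_addr, reply_addr = extract_addresses(raw)
    effective = reply_addr or from_addr
    return {
        "from": from_addr,
        "reply_goes_to": effective,
        "reply_to_present": reply_addr is not None,
        "address_mismatch": effective != from_addr,
        "domain_mismatch": domain(effective) != domain(from_addr),
    }


# Constructed sample: From looks like a known contact, Reply-To does not.
SUSPICIOUS = b"""From: Alice Example <alice@partner.example>
Reply-To: alice.example@mail-relay.example.net
To: staff@company.example
Subject: Quick question

Can you send me the latest vendor list?
"""

# Constructed sample: a newsletter whose Reply-To is a list address in the
# same domain as the sender; this should not be treated as phishing.
NEWSLETTER = b"""From: Weekly News <news@lists.example.org>
Reply-To: newsletter-replies@lists.example.org
To: staff@company.example
Subject: This week

Headlines...
"""

if __name__ == "__main__":
    for label, raw in (("suspicious", SUSPICIOUS), ("newsletter", NEWSLETTER)):
        print(label, check_reply_target(raw))
```

Run against a saved `.eml` file (for example, `check_reply_target(open("message.eml", "rb").read())`) the `domain_mismatch` field is the one to surface to the reader before they press Reply; `address_mismatch` alone will be true for most list mail and is only useful as context.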
This is just a reminder that this type of attack is continuing and we have to be vigilant.