Domain Keys “Adopted” by Phishers

   5/8/2019 |  11/30/2004 |  Leave a comment
Category: Phishing
The Internet Patrol default featured image
Share the knowledge

Domain Keys is another flavour of email sender authentication, along with SPF and Microsoft Sender I.D., designed to help ensure that email which claims to be from Sender X is in fact from Sender X. Developed last year by Yahoo, and deployed last month, its primary purpose in life is to help prevent the forging of the return address in email. (The same holds true for SPF and Sender I.D.; in all three cases they are anti-forgery schemes. Now that you know that, whenever you hear someone bemoan that SPF or Sender I.D. or Domain Keys doesn’t stop spam, you can look smugly down your nose at them and inform them that they never were about stopping spam — they are about stopping forgery).

However, surprise surprise, it turns out that phishers have started adopting Yahoo’s Domain Keys technology and using it in their phishy email.

Why this is a surprise to anyone is beyond Aunty. It is not only exactly what happens with any email technology designed to help ensure the delivery of email, but it is exactly what you would expect to happen.

The question is not whether scammers, spammers, and other nefarious Internet baddies adopt the technology. The question is whether they can adopt it successfully.

By way of example, the company Habeas (disclaimer: Aunty has in the past been involved with Habeas) knew full well that spammers would attempt to use the Habeas system for assured email delivery to force delivery of their own spam. In fact, they counted on it, and had planned accordingly. So, rather than finding that the adoption of the Habeas technology facilitated the delivery of their spam to the inbox, the spammers found that the adoption of the Habeas technology facilitated the delivery of a lawsuit to their doorstep.

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

So the simple fact that phishers have started using Domain Keys really means nothing, in and of itself. The question is, are they using it successfully? Or is it working exactly as its supposed to, with the Domain Key-laden phishmail not actually being authenticated and linked to the server which actually sent it?

Remember, the owls are not what they seem.

Get New Internet Patrol Articles by Email!

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

 

More from the Internet Patrol:

Accidental Email from Paypal is Not a Paypal Phishing Email
The Newest Paypal Phish Exhorts "Account Activity - Action Required"
New SMS Bank Phishing Scam Uses Hacked Holiday Inn Phone Numbers
Coronavirus Email Scams and Phishing on the Rise - Don't Fall for Them!
Paypal to Block Apple Safari Browser, Other Browsers
Dyre Wolf Wire Transfer Malware Gets Around 2-Factor Authentication
New American Express Credit Card Identity Theft Phishing Scam
New "NOTIFICATION - Storage Full" Phishing Spam - Don't Be Fooled!

Share the knowledge

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.