Jump to content
×
×
  • Create New...

Aniket 2211

Members
  • Posts

    1
  • Joined

  • Last visited

About Aniket 2211

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

Aniket 2211's Achievements

Newbie

Newbie (1/14)

  • Conversation Starter

Recent Badges

0

Reputation

  1. Hello Security Team, I am Aniket2211 i have found Email Spoofing vulnerability Vulnerability Name:- No spoofing Protection on email Domain found. Description :- There is an email spoofing vulnerability .Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a tactic used in phishing and spam campaigns because people are more likely to open an email when they think it has been sent by a legitimate source. The goal of email spoofing is to get recipient Steps to Reproduce: 1. Go to emkei.cz or any fake mailer and fill the details and click on send. From: [email protected] To: [email protected] Reply-To: [email protected] Subject: URGENT! Account will be deleted within 2 days Body: Hello Victim, We have detected some suspicious activity in your account. Please reply to this email with your following details otherwise your account will be banned. 1. Your Full Name 2. Your Registered email address 3. Your password 4. One copy of your aadhar card/passport 1) An attacker would send a Fake email. The results can be more dangerous. and also if an attacker can send email to your employee then it's become risk to your company 2) so it can also lead to degrading company reputation when an attacker can send abnormal mail to another company by using your mail ID. 3) Attacker will get the details of victim. As i have provided screenshoot that spoofed email come to inbox and this i had tried yesterday and spoofed email was coming to inbox but now it is not coming i think you have patched issue so it is now not reproducable