all InfoSec news
intuit.com mail servers compromised?
July 25, 2022, 5:51 p.m. | /u/konawolv
cybersecurity www.reddit.com
first stop after scanning the email (i saw some clear phishing scan signs immediately) was to check the message header. And, it turns out, the source actually appears to be legit:
Authentication-Results: spf=pass (sender IP is 167.89.82.160) smtp.mailfrom=e.notification.intuit.com; dkim=pass (signature was verified) header.d=notification.intuit.com;dmarc=pass action=none header.from=notification.intuit.com;compauth=pass reason=100
Received-SPF: Pass (protection.outlook.com: domain of e.notification.intuit.com designates 167.89.82.160 as permitted sender) receiver=protection.outlook.com; client-ip=167.89.82.160; helo=o4.e.notification.intuit.com; pr=C
Received: from o4.e.notification.intuit.com (167.89.82.160) by DB3EUR04FT039.mail.protection.outlook.com (10.152.25.31) with Microsoft …
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Cloud Technical Solutions Engineer, Security
@ Google | Mexico City, CDMX, Mexico
Assoc Eng Equipment Engineering
@ GlobalFoundries | SGP - Woodlands
Staff Security Engineer, Cloud Infrastructure
@ Flexport | Bellevue, WA; San Francisco, CA
Software Engineer III, Google Cloud Security and Privacy
@ Google | Sunnyvale, CA, USA
Software Engineering Manager II, Infrastructure, Google Cloud Security and Privacy
@ Google | San Francisco, CA, USA; Sunnyvale, CA, USA