|
|
|
|
|
|
by krebsonsecurity
2112 days ago
|
|
|
Spend a few minutes looking at the spam list threads linked in the article. This is not just a few people complaining. E.g.: https://www.mail-archive.com/search?l=mailop%40mailop.org&q=... There was a ton of material I did not include in the story, including a story from a company that had a client have 40 million phishing emails sent through their Sendgrid account, which it turns out was set up by an employee long ago who was no longer with the company and had not turned on 2FA (and probably was re-using passwords). I started reporting this story almost a month ago after receiving more than 3 emails from different IT experts who were really frustrated with the amount of malware and phishing coming from Sendgrid accounts. They were frustrated because they couldn't block Sendgrid outright because too many companies they were expecting regular emails from used the platform. The day before I published the story, I head from someone else who was getting phishing attacks spoofing Aruba Networks. |
|
|