Email impersonation / phishing

Hi there,
I’m using Cloudflare’s free email routing service and someone appears to have hacked my email and is sending phishing messages with it, saying “Clearly, I have effortlessly logged in to email account of yours” (as proven by the fact it comes from my email account), and asking for money.

How come this person is sending emails under my own email account?
Apart from the obvious security breach, my understanding was that this was not possible to do, and that you could only use the service to forward emails from a domain managed by Cloudflare to another email address, but you could not use the service to send emails under that account, only receive emails and forward them. I have received 2 emails so far; the latest went to the SPAM folder.

Anyone can send as any email - that’s just how SMTP works.

SPF, DKIM and DMARC are what verify who sent as who, and are the main factor in which emails go to spam (failing these checks).


Really? Can you just send an email as, for example, [email protected]?

The original email header reads:
Message-ID: <[email protected]_domain.com>
From: <[email protected]_domain.com>
To: <[email protected]_domain.com>
Subject: You have an outstanding payment.
Date: 1 Nov 2022 05:52:05 -0400
MIME-Version: 1.0
Content-type: text/plain; charset="windows-1250"
Content-transfer-encoding: 8bit
X-Mailer: Kfkyxgip dvacc

I used Cloudflare’s default email configuration; everything was automatically configured.
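Added example, not part of any post in this thread: a Python sketch of how to read the SPF, DKIM and DMARC verdicts that a receiving server records in the `Authentication-Results` header of a self-addressed message like the one quoted above, and to recompute DMARC alignment against the `From` domain. The sample message, its domains and its results are constructed, and `org_domain` is a simplification (real DMARC uses the Public Suffix List).

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: a "from yourself" message with the Authentication-Results
# header a receiving server would add. All domains and verdicts are made up.
SAMPLE = """\
Authentication-Results: mx.receiver.example;
 spf=pass smtp.mailfrom=bulk.sender.example;
 dkim=none;
 dmarc=fail header.from=my-domain.example
From: <me@my-domain.example>
To: <me@my-domain.example>
Subject: You have an outstanding payment.

(body omitted)
"""

def org_domain(domain):
    # Simplification (assumption): last two labels stand in for the PSL lookup.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def parse_auth_results(msg):
    # Returns {method: (result, {property: value})}, e.g. {"spf": ("pass", {...})}
    raw = " ".join(msg.get("Authentication-Results", "").split())
    raw = re.sub(r"\([^)]*\)", "", raw)        # drop parenthesised comments
    out = {}
    for part in raw.split(";")[1:]:            # first part is the authserv-id
        m = re.match(r"\s*(\w+)=(\w+)(.*)", part)
        if m:
            props = dict(re.findall(r"([\w.]+)=(\S+)", m.group(3)))
            out[m.group(1).lower()] = (m.group(2).lower(), props)
    return out

def aligned(result, dom, from_dom):
    # DMARC needs a *pass* on a domain that matches the visible From domain.
    return result == "pass" and bool(dom) and org_domain(dom) == org_domain(from_dom)

def assess(raw_message):
    msg = message_from_string(raw_message)
    from_dom = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    res = parse_auth_results(msg)
    spf, spf_p = res.get("spf", ("none", {}))
    dkim, dkim_p = res.get("dkim", ("none", {}))
    spf_ok = aligned(spf, spf_p.get("smtp.mailfrom", "").rpartition("@")[2], from_dom)
    dkim_ok = aligned(dkim, dkim_p.get("header.d", ""), from_dom)
    return {"from_domain": from_dom, "spf_aligned": spf_ok, "dkim_aligned": dkim_ok,
            "dmarc_recomputed": "pass" if (spf_ok or dkim_ok) else "fail",
            "dmarc_reported": res.get("dmarc", ("none", {}))[0]}

print(assess(SAMPLE))
```

In the sample, SPF passes for the sender's own envelope domain, but that domain does not match the `From` domain, so DMARC still fails. Only trust an `Authentication-Results` header whose first field names your own mail provider, since a sender can include a forged one.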
