Here's a mind twister of a story about email and security at companies of any size, and how breaches can impact you years later.

In 2017, I bought a T-shirt to support the from . To complete the order, I created an account on Teespring's website.

Years later, in January 2021, Teespring data was leaked to the web after an alleged breach (zdnet.com/article/hacker-leaks). The company did not notify me of the breach or trigger a password reset, or anything. I haven't logged in to their website since I ordered the shirt.

Flash forward to today. I just received an email sent using a service from that gives vendors an option to send invoices to customers.

All of the information in the email is forged, and the message somehow only got to me because the spammers contrived a way to forge the email address in such a way that what appears in the To: header in the email is different from where it was sent, an address *that is only visible in the full message headers in the message source*.

What you'll see is that the message actually came to my registered email address (teespring@ [a domain I own]) but the To: header shows a contrived email address from a domain I've never heard of. I wasn't BCCed here. This is something new, and I suspect that this method of is facilitated through Intuit's invoicing feature.

In any case, it's a good reminder that data leaked in breaches can have long-lasting consequences, up to and including the use by to try to infect your computer or by or who try to get you to reveal sensitive information. And these effects can happen years later.

It's also a good place to tease out that my technique for discovering breaches of this type is to have registered a personal domain name, and use a wildcard email inbox that allows me to use a different "address" for each site I wish to register with. This method gives me the ability to quickly identify the company or organization whose data was leaked to spammers.

Stay safe out there. The night is dark and full of scam artists.

#spam #breaches #defcon #CryptoPrivacyVillage #teespring #intuit #spoofing #malspam #phishing #scammers
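
The header comparison and per-site address lookup described in the post, as an added example that is not the author's own code: it compares the visible To:/Cc: recipients with the delivery address recorded in the trace headers and reports the per-site tag. The domain `example.net`, the sample message and the function names are constructed assumptions; which trace headers exist (`Delivered-To`, `X-Original-To`, `Envelope-To`, or a `for` clause in `Received`) depends on the receiving mail server.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Assumption: the catch-all domain you own (placeholder value).
MY_DOMAIN = "example.net"

# Constructed sample message; every address and host here is made up.
SAMPLE = """\
Delivered-To: teespring@example.net
Received: from mailer.example.org (mailer.example.org [192.0.2.10])
\tby mx.example.net with ESMTPS id abc123
\tfor <teespring@example.net>; Tue, 1 Aug 2023 10:00:00 +0000
From: "Billing" <invoices@mailer.example.org>
To: someone@unrelated.example.com
Subject: Invoice 0001

Your invoice is attached.
"""

def delivery_addresses(msg):
    """Addresses the message was really delivered to, from trace headers."""
    found = set()
    for name in ("Delivered-To", "X-Original-To", "Envelope-To"):
        for _, addr in getaddresses(msg.get_all(name, [])):
            found.add(addr.lower())
    for received in msg.get_all("Received", []):
        m = re.search(r"\bfor\s+<?([^\s<>;]+@[^\s<>;]+)>?", received)
        if m:
            found.add(m.group(1).lower())
    return found

def analyze(raw, my_domain=MY_DOMAIN):
    msg = message_from_string(raw)
    visible = {a.lower() for _, a in getaddresses(
        msg.get_all("To", []) + msg.get_all("Cc", []))}
    delivered = delivery_addresses(msg)
    mine = {a for a in delivered if a.endswith("@" + my_domain.lower())}
    return {
        "visible_recipients": sorted(visible),
        "delivered_to": sorted(delivered),
        # True when no address we were delivered at appears in To:/Cc:
        "recipient_mismatch": bool(mine) and not (mine & visible),
        # Local part = the per-site tag chosen at registration
        "leaked_tags": sorted(a.split("@", 1)[0] for a in mine),
    }

if __name__ == "__main__":
    print(analyze(SAMPLE))
```

A mismatch alone is not proof of abuse, since Bcc and mailing lists produce the same pattern; the per-site tag is what ties the message to a specific registration.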
