Google SMTP relay service is wildly popular and used every day by legions of users. Unfortunately, hackers around the world are aware of this and increasingly they've begun abusing the SMTP relay service.
The basic idea is as follows. Some clever hackers have figured out that they can bypass email security products and deliver malicious emails to their intended targets if they take advantage of certain weaknesses in Google's SMTP relay service.
Researchers at the security firm Avanan have been tracking the phenomenon and have confirmed a sudden, dramatic spike in threat actors abusing the SMTP relay service beginning in April of this year (2022).
The relay service is offered by Google as part of Gmail and Google Workspace as a means of routing outgoing user emails.
Use of the SMTP relay is mostly a matter of convenience, as it means that users don't have to manage an external server for marketing emails. So there's no worry that their mail server may get added to someone else's blocked list.
It is very handy but unfortunately, hackers have discovered that they can use the SMTP relay service to spoof other Gmail tenants without being detected, with one very important catch and caveat. If those domains have a DMARC policy configured with the 'reject' directive, the game is up, and the hacker's attempt will fail.
Although this can be a serious problem, it also has a simple solution. Just set a fairly strict DMARC policy and you'll minimize your risk of your users falling victim to this type of attack.
As Google indicated on a recent blog post on this very topic:
"We have built-in protections to stop this type of attack. This research speaks to why we recommend users across the ecosystem use the Domain-based Message Authentication, Reporting & Conformance (DMARC) protocol. Doing so will defend against this attack method, which is a well-known industry issue."
It's good advice. If you aren't sure whether you've got a strict DMARC policy set, find out from your IT staff. If not, have them implement one right away.
________________________________________________________________________________________________________
"Fortune Favors Who Value Time over Money!"
"TeQ I.Q. was the 1st IT Company to Deliver Cloud Solutions since 2003"
Tech issues taking up your Time?
"TeQ I.Q. Makes Your Technology Simple and Easy"
Do you have Tech Frustrations like your Computer, Internet, Phone, Cellphone, Camera, TV, Car?
"We Take Away Your Tech Frustrations and Give You the Free Time You Deserve!"
Call Robert to ask all your Technology questions.
We are giving a Free in Person TeQ Seminar at our office in La Mesa every Wednesday from 12pm-1pm and a Free TeQ Support Q&A from 1pm-2pm. Go to https://www.teqiq.com/events for our upcoming Events and https://www.teqiq.com/seminars for info on each Seminar.
For Free Consultation Call Now Robert Black at (619) 255-4180 or visit our website https://www.teqiq.com/
Chase Bank and Others Trust TeQ I.Q. with their IT and TeQnology so can you!
