Hacker News | opesorry's comments

I'm with you on this. I will hit 3 YoE in June and have been doing excellently in my current role, yet I'm having no luck finding a new job. Interviews are hard to come by and I'm a month out on even getting a rejection reply from some companies.

I'm interested in hiring early career people for my company - feel free to reach out to me at the email in my profile if you're interested.

Assuming I follow what you want to know, the Wikipedia page on email spoofing should provide the info you desire. https://en.m.wikipedia.org/wiki/Email_spoofing

I'm pretty surprised Gmail didn't flag this at least. When I did it for a class in Uni, it always let me know that the FROM header didn't match the sender, since that's a clear attack vector.


His phrasing is very confusing - claiming the "from" field was spoofed, but that if he could see the "full header", he could have spotted the spoofing.

I would also assume something as prominent as the Gmail website/app for iOS, and the google.com domain, would have all possible email security features correctly configured.

So.. is this not the case? Or is it, but due to bad UI, despite all this security, any schmoe can send email appearing to come from google.com, and I have to pore over unspecified details in the "full header" to spot a fake?


It could indeed be that some MUAs only display the comment section. In theory you can use a MIME from like '"Google <[email protected]>" [email protected]'. Though most spam filters heavily frown upon garbage like that. Things like '"Foo ([email protected])" <[email protected]>' will likely pass though. (It's commonly done by shit forwarders.)

Apple Mail does allow you to see the actual sender if you tap on the name though. Outlook has been way worse in that aspect, by not letting you see the full sender. At some point it even saved these fake addresses automatically in your address book if it matched a contact's name or something. (I couldn't find the thread about it right now, but it has been discussed elsewhere.) It's a disservice to everyone except attackers to be honest.
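The display-name trick described in the comment above, as a defender-side check (an added example, not part of the thread): it flags a From header whose display name shows an address from a different domain than the actual sender. The `.example` addresses and the function names are constructed for illustration.

```python
import re
from email.utils import parseaddr

# Loose matcher for anything address-like inside a display name;
# group 1 captures the domain part.
ADDR_IN_NAME = re.compile(
    r"[A-Za-z0-9._%+-]+@([A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+)")

def domain_of(addr):
    """Lower-cased domain of an addr-spec."""
    return addr.rpartition("@")[2].lower().rstrip(".")

def check_from(header_value):
    """Classify one From header value as ok / mismatch / unparseable."""
    name, addr = parseaddr(header_value)
    if "@" not in addr:
        return ("unparseable", header_value)
    real = domain_of(addr)
    for match in ADDR_IN_NAME.finditer(name):
        shown = match.group(1).lower()
        # Exact comparison: a subdomain of the sender also counts as a
        # mismatch here (assumption; relax if your mail uses subdomains).
        if shown != real:
            return ("mismatch",
                    f"display name shows {shown}, sender is {real}")
    return ("ok", real)

# Constructed sample headers, not taken from any real message.
SAMPLES = [
    '"Foo (foo@trusted.example)" <mailer@forwarder.example>',
    'Alice Example <alice@trusted.example>',
    '"alice@trusted.example" <alice@trusted.example>',
]

if __name__ == "__main__":
    for value in SAMPLES:
        print(check_from(value), "<-", value)
```

A client that shows only the display name would render the first sample as coming from `foo@trusted.example`; the check reports the forwarder domain as the real sender.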


On obvious spoofs I see "[email protected] <via [email protected]>". I think he means that it didn't indicate the latter. And if the Gmail phone app didn't fail to display headers, he could have looked.


E-Readers are phenomenal and I highly recommend them if that interests you.


American Kingpin by Nick Bilton is an excellent book covering Silk Road and what makes this unique.


Worm is outstanding. It's responsible for getting me into reading, which has shaped my life since.

