25
#Citibank emailed me an alert. The same bank that constantly warns me about email scams. And, yet, they misconfigured their email so it comes as a spoofed email. My email provider delivered it anyway (hear-me.social)
submitted 1 month ago by Jerry@hear-me.social to c/cybersecurity@fedia.io
0 comments fedilink hide all child comments

#Citibank emailed me an alert. The same bank that constantly warns me about email scams. And, yet, they misconfigured their email so it comes as a spoofed email. My email provider delivered it anyway because Citi has a "relaxed" policy in their DNS that says that EMAIL FROM A SPOOFING SERVER CAN BE DELIVERED so long as the signature passes. Yep, servers spoofing them are not a major red flag and the email should be delivered to the inbox anyway. The email provider is not to blame here.

A major bank should not do it this way.

The spoofing SMTP server check failed because the sending IP address is not authorized by Citibank's SPF record for info6.citi.com to send their email. This has been going on for years. Do you want Citibank email from a server not authorized by them to send it?

This relaxed attitude by corporations is why people get scammed.

Authentication-Results: mail.protonmail.ch; spf=fail smtp.mailfrom=info6.citi.com
Authentication-Results: mail.protonmail.ch; arc=none smtp.remote-ip=173.213.5.122

#citi #CyberSecurity #EmailSecurity

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here
this post was submitted on 08 Jun 2025
25 points (100.0% liked)

Cybersecurity

2 readers
3 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Rules

Community Rules

founded 2 years ago
MODERATORS
shellsharks@fedia.io
tweedge@fedia.io