@weexmx Es evidente que la caída de servicio Telefónico y (y datos obviamente) al menos a nivel Jalisco es quizás generalizada, Por favor @weexmx hagan una publicación explicando que sucede al menos.
@Podecojalmx@weexmx Exactamente lo mismo me sucede a mi. Weex debería dar la cara para explicar que sucede, y si esta derivado a que Movistar abandono el servicio de operadora Telefónica y volverse OMV, delegando su servicio a AT&T, Hay incertidumbre sobre que sucederá con antenas de "M" y servicios
Static anti-phishing codes aren’t enough.
If SMTP is compromised, even “valid” emails can be dangerous.
I propose dynamic code + campaign validation to restore trust.
Scan QR to read the full breakdown.
#EmailSecurity#Phishing#SMTP#infosecurity
🚨 New article: When Anti-Phishing Codes Fail
A real-world case where a crypto exchange trusted SMTP infrastructure too much — and paid the price.
✅ Valid codes
❌ Unauthorized senders
🧠 Proposed fix: dynamic code + campaign verification
Read here 👉 https://t.co/EnCutPieJR
@Gate_supportHQ@cgfrie You can use a composite code containing two parts: the confirmation code and a marketing campaign code. You can publish this code on the same https://t.co/Ofaix4j2s3 page as a verification method, along with the confirmation code and campaign name.
@Gate_supportHQ@cgfrie I suggest that the Anti-phishing code be modified, as it has been proven ineffective when the external email service is hijacked.
@Gate_supportHQ Excuse me, but there is no evidence that they used a MASK-type impersonation to impersonate your email; what there is evidence of is possible interference with the SMTP service.
@WebCraker@Gate Clarifying that Mailgun may still be directly responsible: When Gate validates the SMTP configuration for Mailgun to coordinate and send its emails, SPF, DKIM, DMARC, will appear marked as PASSED if someone else accesses Mailgun and sends emails from there.
@WebCraker@Gate Yes, all three verification steps were completed successfully. The goal is for Gate to take responsibility and admit that this was not an identity theft by MASK. Importantly, user data was not compromised, as the emails used the email address as the greeting, not the user ID.
@WebCraker@Gate Another possibility is that a Gate employee with a position that allowed them to send emails became corrupt and joined the fraud scheme. This would explain why they didn't have access to user data, but did have access to emails.
@WebCraker@Gate The email was sent from Gate's email service, but this doesn't necessarily constitute a security breach. It was sent from Mailgun, an external email service that Gate apparently uses. This means that user data on Gate's server may not be compromised.
Si en un producto de @amazonmex a un vendedor no le agrada que le pongas una calificación que baje su porcentaje, simplemente reclamara injuria, o falsedad en la publicación, te borran el comentario, Y TE ANULAN LA POSIBILIDAD DE PUBLICAR OTRO, sin opción de apelar. #CORRUPTOS