E-Mail Spoofing

03 April 2023

Most of the time the email domains are misspelled by a sign, a letter or a character added or removed, sometimes when responding it shows the altered domains.

Example @yucca.com.mx

@yuca.com.es, @iucca.com.mx, @agroyn.com.mx, yuccamx.com, etc..

The emails use the following scenarios.

  • Payment not received and request information.
  • Changes in financial information for payments.
  • Redirection links to a page with a login request or delivery of information outside the domain.
  • Strange attachments.