Display Name Attack
Display Name Attack
- April 21, 2021
- Posted by: Nicola Selenu
Traditionally there is no provision to make sure the Display Name and Address Field portions of the From Header refer to the same entity. Bad actors have exploited this by using one address in the Address Field, which the user won’t see, and including a completely different address in the Display Name. Because they can use a domain they control in the Address Field, these messages may even pass simple email authentication checks against that domain, while the recipient’s email client shows a different domain entirely. This is sometimes referred to as a “Display Name Attack.”
Author:Nicola Selenu
Email Service Providers Handbook
The most comprehensive “Handbook of Email Service Providers“!
SPAMASSASSIN RULES
All SpamAssassin rules in one place, EXPLAINED!
SMTP COMMANDS
& REPLY CODES
All SMTP/ESMTP commands and reply codes in one place, EXPLAINED!
Free DNS Tool
Check the DNS records of your domain with our free DNS tool.
Deliverability Glossary
The most comprehensive Email Deliverability and Marketing Glossary!
- Glossary: Display Name
- Glossary: From Header
- Glossary: Authentication
- Glossary: Recipient
- Glossary: Email client
- Glossary: Email Service Provider (ESP)
- Glossary: SpamAssassin
- Glossary: Simple Mail Transfer Protocol (SMTP)
- Glossary: Accelerated Mobile Pages (AMP)
- Glossary: Extended Simple Mail Transfer Protocol (ESMTP)
- Glossary: Domain Name System (DNS)
- Glossary: Deliverability