Display Name Attack
Display Name Attack
- April 21, 2021
- Posted by: Nicola Selenu

Traditionally there is no provision to make sure the Display Name and Address Field portions of the From Header refer to the same entity. Bad actors have exploited this by using one address in the Address Field, which the user won’t see, and including a completely different address in the Display Name. Because they can use a domain they control in the Address Field, these messages may even pass simple email authentication checks against that domain, while the recipient’s email client shows a different domain entirely. This is sometimes referred to as a “Display Name Attack.”
Author:Nicola Selenu
Email Service Providers Handbook
The most comprehensive “Handbook of Email Service Providers“!
SPAMASSASSIN RULES
All SpamAssassin rules in one place, EXPLAINED!
SMTP COMMANDS
& REPLY CODES
All SMTP/ESMTP commands and reply codes in one place, EXPLAINED!
Free DNS Tool
Check the DNS records of your domain with our free DNS tool.
Deliverability Glossary
The most comprehensive Email Deliverability and Marketing Glossary!
- Term: Display Name Attack
- Term: Authentication
- Term: Display Name
- Term: Email client
- Term: From Header
- Term: Recipient
- Term: Email Service Provider (ESP)
- Term: Deliverability
- Term: SpamAssassin
- Term: Extended Simple Mail Transfer Protocol (ESMTP)
- Term: Simple Mail Transfer Protocol (SMTP)
- Term: Domain Name System (DNS)
Display Name Attack
Traditionally there is no provision to make sure the Display Name and Address Field portions of the From Header refer to the same entity. Bad actors have exploited this by using one address in the Address Field, which the user won’t see, and including a completely different address in the Display Name. Because they can use a domain they control in the Address Field, these messages may even pass simple email authentication checks against that domain, while the recipient’s email client shows a different domain entirely. This is sometimes referred to as a “Display Name Attack.”
« Back to Glossary Index- Term: Display Name Attack
- Term: Authentication
- Term: Display Name
- Term: Email client
- Term: From Header
- Term: Recipient
- Term: Email Service Provider (ESP)
- Term: Deliverability
- Term: SpamAssassin
- Term: Extended Simple Mail Transfer Protocol (ESMTP)
- Term: Simple Mail Transfer Protocol (SMTP)
- Term: Domain Name System (DNS)
- Term: Header
Author:Nicola Selenu
Email Service Providers Handbook
The most comprehensive “Handbook of Email Service Providers“!
SPAMASSASSIN RULES
All SpamAssassin rules in one place, EXPLAINED!
SMTP COMMANDS
& REPLY CODES
All SMTP/ESMTP commands and reply codes in one place, EXPLAINED!
Free DNS Tool
Check the DNS records of your domain with our free DNS tool.
Deliverability Glossary
The most comprehensive Email Deliverability and Marketing Glossary!
« Back to Glossary Index- Term: Display Name Attack
- Term: Authentication
- Term: Display Name
- Term: Email client
- Term: From Header
- Term: Recipient
- Term: Email Service Provider (ESP)
- Term: Deliverability
- Term: SpamAssassin
- Term: Extended Simple Mail Transfer Protocol (ESMTP)
- Term: Simple Mail Transfer Protocol (SMTP)
- Term: Domain Name System (DNS)
- Term: Header