Mailgun takes the security of our users’ accounts very seriously, and when it comes to a compromise of an account - no one is having any fun. With so many things that can contribute to an account compromise, we took a step back to look at the various attack vectors used by bad actors trying to gain access to accounts.
Here at Mailgun, we take cybersecurity extremely seriously. When it comes to our customers’ emails, a compromised account can mean compromises for their end-users as well.
In case you need a refresher, phishing emails are emails that spoof legitimate businesses to gain your personal information. These emails lead to a landing page that asks you to input your personal data like your login or social security number, thus collecting your info.
We talk a lot about security around here at Mailgun, but what exactly do we do about it? Besides features like 2FA and teaching users how phishers get your personal information; we want people to help us shore up our backend, too. That’s why today we’re happy to announce our public bounty offerings with Bugcrowd.
Did you know that an overwhelming majority of the email going around the interwebs each day is spam? You may ask yourself, “Why do people spam?” The short answer is, it’s lucrative.
We’re not going to beat around the bush – phishing sucks. It sucks to fall for a phishing attempt, and it sucks to have phishers pose as you. We can go on and on about how to protect yourself from phishing (and don’t worry, we will by the end of this post), but we stopped and thought – have we ever talked about how phishing happens from our perspective?
Everyone hated the privacy policy email armageddon, businesses included. Not because some of their emails were going straight to spam, but because a lot of businesses had to take a second look at their security measures. Revamping security measures can suck – but losing a ton of personal information is the absolute worst. What can we do?
Hour 0: Well, I never thought this would happen, but my password was leaked. My account has been compromised, and my services have been interrupted. This is bad.
There are only a couple things worse than mall shopping on Christmas Eve. Your holiday party getting crashed by really bad guys Your account getting compromised by a malicious spammer For number 1, there’s Bruce Willis.
Mailgun is making several changes to our domain verification requirements, which will go into effect in two separate phases. This blog post contains a list of steps that you can reference to help you determine if you need to make any changes to your configuration to continue using the service.
Running your infrastructure in a secure configuration is a daunting task even for security professionals. This guide provides practical advice to help engineers build up infrastructure following security best practices so that they can confidently deploy their services to the public Internet and lower their chances of being compromised. This guide specifically targets Linux based systems; however, the best practices apply to all computer systems.
This was announced on December 2, 2015. Before the birth of the modern Internet, e-mail was primarily used for exchanging messages across private networks where there was minimal risk of interception. As the use of e-mail proliferated for business and e-commerce purposes, mail delivery continued to rely on protocols that were not designed with information security concerns in mind. Over time, techniques were developed and adopted to improve the security of e-mail as it traveled across the Internet.
