Hotmail, MSN and Outlook Breached, Courtesy of Agari's "P=none"
You ever wonder how Agari stays in business. Forbes magazine might (read the phishing story here). While the Microsoft domain itself is protected against email impersonation/phishing, not so with Hotmail, MSN or Outlook, which all have the Agari DMARC enforcement set to "p-none" whatsoever. Now you might think that email providers must ignore such enforcement due to everybody and his brother sending email through their services. Yet Agari protects AOL.com with DMARC enforcement. So it CAN be done. I'd surely like to depose the Agari sales team as part of an inevitable class-action lawsuit discovery process.
Let's see. How on earth could a "support agent's credentials" get compromised? Oh, wait. He probably got phished instructions from his boss via a spoofed Hotmail, MSN or Outlook address!
Don't worry Agari. It's not if, but when that class action suit hits you and your "p-none" clients. And when you do come to testify, bring an extra sphincter. Especially if Senator Elizabeth Warren's criminalization bill becomes law. Because you could learn the true meaning of "hard time" in the Big House from a cellmate who thinks you look swell in orange.
By the way, Mad Max has an email filter that blocks any Hotmail, MSN or Outlook email except out of courtesy to certain relatives who are just too stupid to know better.
A Very Mad Max