Nordstrom's email system abused to send crypto scams to customers
Summary
Nordstrom's email system was compromised and used to send cryptocurrency scam messages to its customers. These fraudulent emails were disguised as a St. Patrick's Day promotion, exploiting the trust associated with a legitimate company email address. The incident highlights the risks of third-party email system compromises.
IFF Assessment
The compromise of a legitimate company's email system to distribute scams is bad news for defenders because it erodes customer trust and bypasses traditional spam filters.
Defender Context
This incident demonstrates the importance of robust email security controls, including DMARC, SPF, and DKIM, to prevent domain spoofing and unauthorized email sending. Defenders should also educate users on recognizing phishing attempts, even when they appear to originate from trusted sources.