Have you been impacted by SubdoMailing?
In under 30 seconds, Red Sift’s free Investigate tool can determine whether poisoned domains exist inside your SPF configuration.

Have you been impacted by SubdoMailing?

In under 30 seconds, Red Sift’s free Investigate tool can determine whether poisoned domains exist inside your SPF configuration.
SNAPSHOT
The business impact of subdomain attacks
A significant number of well-known organizations have been attacked as part of what’s being called the SubdoMailing campaign, which aims to send mail from trusted brand names to deceive individuals into taking action. The potential impacts of subdomain attacks are devastating.
Settlement costs Uber had to pay following their 2016 breach through a subdomain attack
Of consumers will stop engaging with a brand online following news of a data breach
Recent studies show the average cost of 1 minute of downtime is estimated $5,600 to $9,000
of companies have subdomain security exposure risks. The time to take action is now
How Red Sift can protect you from domain and subdomain takeover attacks
Together, Red Sift ASM and Red Sift OnDMARC safeguard users from SubdoDomailing through real-time DNS check, DNS registration data, email and domain data.
Red Sift ASM
Red Sift ASM's continuous monitoring of your digital infrastructure ensures immediate detection and mitigation of critical vulnerabilities such as dangling DNS, including dangling SPF or CNAME records, that can lead to domain takeovers.
The complete guide to SubdoMailing
Subdomain-based email attacks exploit weak spots in DMARC protection. Threat actors send messages from authentic-looking subdomains that pass security checks, making it easy to impersonate trusted brands and trick recipients.
This guide covers:
- Why SubdoMailing is a growing threat you can’t ignore
- The risks posed by dangling DNS records in your domain setup
- Practical steps to protect your organization right now
Frequently asked questions
Red Sift has free email security tools that check the overall health of your email setup and whether you’ve been impacted by SubdoMailing.
Investigate will automatically check whether your email sending domain has critical security protocols set up correctly, including DMARC, SPF, DKIM, FCrDNS, TLS, BIMI, and MTA-STS. It will also tell you if any ‘SubdoMailers’ have been found.
Should Investigate reveal any ‘SubdoMailers’ - also known as poisoned includes - the SPF Checker allows you to visualize them in a dynamic ‘SPF tree’, allowing you to quickly pinpoint where they are and speed up remediation efforts.
If compromised includes are detected in your SPF record, your domain is vulnerable to spoofing attacks. We recommend you remove these entries from your SPF record immediately. Learn how with our free guide to SubdoMailing above.
Together, Red Sift ASM and Red Sift OnDMARC safeguard users from SubdoDomailing through real-time DNS check, DNS registration data, email and domain data.
Check to see if you’ve been impacted by the SubdoMailing attack