• The Latest Scams

Spoofed SMTP Relay Services

Citynet Fiber Network

Simple Mail Transfer Protocol (SMTP) is the standard method that mail servers use to send emails. Organizations typically use an SMTP relay service to send mass emails, such as marketing materials. Some organizations use Gmail as an SMTP relay service, but unfortunately, cybercriminals have found a vulnerability in the Gmail service. 

Using this vulnerability, cybercriminals can spoof any organization that also uses Gmail as a relay service. For example, let’s say that a legitimate organization owns the domain sign-doc[dot]com and uses Gmail to relay its marketing emails. Cybercriminals could send phishing emails from a malicious domain, such as wishyoudidntclickthis[dot]com, and disguise the emails by spoofing the legitimate domain, sign-doc[dot]com. Since the spoofed domain is being relayed through Gmail, most email clients will consider the malicious email safe and allow it to pass through security filters.

Follow the tips below to stay safe from similar scams:

  • This type of attack isn’t limited to Gmail. Other SMTP relay services could have similar vulnerabilities. Even if an email seems to come from a legitimate sender, remain cautious. 
  • Never click on a link or download an attachment in an email that you were not expecting.

If you need to verify that an email is legitimate, try reaching out to the sender directly through phone call or text message.

Stop, Look, and Think. Don’t be fooled.

Protect your network! Learn more about security awareness training for your team.

Like This Post?

Facebook
X
LinkedIn
Pinterest

More Posts

Blog Cybercrime Calling Image
Cybersecurity

Cybercriminals Are Now Calling Your Employees

Is Your Business Prepared? Cyber threats are evolving, and one of the fastest-growing tactics right now is social engineering through trusted communication platforms. Instead of trying to hack their way in, cybercriminals are increasingly talking their way in. Attackers are impersonating IT staff, executives, vendors, and even coworkers via phone calls and collaboration tools such as Microsoft Teams, Webex, and other messaging

March 5, 2026
Laptop Typing With Icons Image
Cybersecurity

Shadow IT: The Apps Your Employees Use That IT Doesn’t Know About

When most businesses think about cybersecurity risk, they picture hackers breaking in from the outside. But one of the fastest-growing risks isn’t external at all. It’s happening inside your organization…quietly, unintentionally, and often with good intentions. It’s called Shadow IT. And it’s growing faster than most businesses realize. What Is Shadow IT? Shadow IT refers to any software, app, cloud platform,

February 23, 2026
Teamwork People Tablet Image
Cybersecurity

The New Employee Is Your Biggest Security Risk

(And It’s Not Their Fault) When businesses think about cybersecurity risk, they often picture hackers, ransomware, or sophisticated phishing attacks. But one of the most common — and overlooked — security risks starts on day one: A new employee. Not because they’re careless.Not because they’re malicious.But because onboarding and offboarding processes often leave dangerous gaps. If those gaps aren’t managed

February 23, 2026
Umbrella Covering Laptop Cybersecurity Image
Cybersecurity

The New Reality of Cyber Insurance Requirements for Small Businesses

Cyber insurance used to feel like a safety net. Today, it’s starting to feel more like an application for a mortgage. Across the country, insurance providers are tightening requirements, raising premiums, and even denying claims when businesses don’t meet modern cybersecurity standards. Many small and mid-sized organizations are discovering this shift the hard way, during policy renewal or after filing

February 19, 2026
Citynet Red Siege Webinar Post Image
Cybersecurity

Citynet and Red Siege Webinar Inside the Attacker’s Playbook

Cybersecurity isn’t just about defense — it’s about understanding how real attackers think. Join Citynet’s Craig Behr and Red Siege’s Tim Medin for an upcoming webinar, Inside the Attacker’s Playbook, where we’ll break down how real-world offensive operations uncover gaps — and how organizations can use those insights to reduce cyber risk before it becomes a business problem. Play Video

February 5, 2026
Tax Season 2026 Image 2
Cybersecurity

Cyber Protection During Tax Season: What You Need to Know

Tax season is stressful enough without worrying about cybercriminals. Unfortunately, this time of year is one of the busiest for online scams, phishing attacks, and data theft, targeting both households and businesses. From fake IRS emails to stolen login credentials and compromised devices, cybercriminals know tax season creates urgency and confusion, making it the perfect opportunity to strike. The good

February 2, 2026
View All Posts

SuperPod with WiFi 6E

Plume SuperPod WiFi 6E Specs

SuperPod with WiFi 6

Plume SuperPod WiFi 6 Specs

SuperPod

Plume SuperPod Secs