SPF only checks the message envelope. His target's email provider may not correlate the MAIL FROM statement in the envelope with the From header inside of the message content. Some large webmail providers will use this mismatch as a cue to send a file to the spam folder.
Delivering a targeted phish requires situational awareness, but it's quite feasible to pull off something convincing.
Delivering a targeted phish requires situational awareness, but it's quite feasible to pull off something convincing.
http://blog.strategiccyber.com/2013/10/03/email-delivery-wha...