Categories: Blog

Spoofing: What It Is And How It’s Used In An Email Scam

Email spoofing is the use of a fake sender address in an email message. It is used by email scammers to hide the origin of their message. By modifying the “from”, “reply” and “return path” fields of the email header, they can make the email appear to be from someone else. This is easy to do because SMTP protocol, which is commonly used in email, does not have authentication.

The use of a counterfeit email address goes beyond merely hiding the identity of the sender. It is often used to perpetrate an email scam, where the sender assumes the identity of a trusted friend,  colleague,  well known bank, store, or payment handling business such as PayPal. The scam attempts to convince the email recipient to send money or reveal information such as a user name and password which provide access to funds of the victim. Sometimes spammers use spoofed addresses to make their emails appear legitimate in order to get past spam filters.

The scammers typically use automated methods for gathering email addresses. Programs are used to collect emails from blogs, websites, forums, or anyplace where an email address might be posted. Another email harvesting method, is the use of a virus to collect email addresses from the address books of infected computers and smart devices. These addresses may be the target of spoofed emails or may be used as the spoofed address. People whose email addresses have been harvested may find themselves on the receiving end of email scams or may have their addresses used in scamming others.

One way to identify whether your email address is being used by either scammers or spammers, is to investigate returned or bounced emails that were sent to undeliverable addresses. Assuming these were not sent by you, check the IP address of the origin of the bounced email. If it is the same as that of your server, then your email account has been compromised. If the IP address is different, then the email was sent from a different server which means that your email address is being spoofed.

To avoid becoming a victim of spoofing, never click on links within a suspect email. Instead, go to the website by typing the URL into your browser. This address should not be taken from the email. If you are asked to reply, never use the reply button. Instead, send a new email using an address you know to be correct. Whether you are asked to reply or click a link, always use a means of responding that is independent of the email sent to you.

For more information about email security or if you would like to discuss your security concerns, please contact us.

ginetworks

Share
Published by
ginetworks

Recent Posts

3 Types of Cloud Computing: Which One is Right for You?

The concept of cloud computing is far more expansive than most people realize. While enterprise…

4 years ago

6 Reasons To Make Hybrid Cloud Services Part of Your of 2021 Data Management Strategy

Use of cloud services has been on the rise in recent years, and the recent…

4 years ago

Creating and Implementing a Business Continuity Plan

Running a business requires planning for every eventuality. Backing up servers, creating copies of important…

4 years ago

Native and Shift Cloud Migrations: What You Need to Know About Cloud Services

By now, you know the truth: Cloud services are here to stay. Where businesses once…

4 years ago

Cloud Services Enables Remote Working

Last year’s pandemic has created a massive shift in the marketplace and has brought with…

4 years ago

Could Your Business Benefit from a Multi-Cloud Infrastructure?

All businesses, regardless of size, can benefit from some form of cloud service. Cloud environments…

4 years ago