IT BEST PRACTICES

Subscribe to
IT Best Practices.

STAY CONNECTED

    Spoofing: What It Is And How It’s Used In An Email Scam

    Email spoofing is the use of a fake sender address in an email message. It is used by email scammers to hide the origin of their message. By modifying the “from”, “reply” and “return path” fields of the email header, they can make the email appear to be from someone else. This is easy to do because SMTP protocol, which is commonly used in email, does not have authentication.

    The use of a counterfeit email address goes beyond merely hiding the identity of the sender. It is often used to perpetrate an email scam, where the sender assumes the identity of a trusted friend,  colleague,  well known bank, store, or payment handling business such as PayPal. The scam attempts to convince the email recipient to send money or reveal information such as a user name and password which provide access to funds of the victim. Sometimes spammers use spoofed addresses to make their emails appear legitimate in order to get past spam filters.

    The scammers typically use automated methods for gathering email addresses. Programs are used to collect emails from blogs, websites, forums, or anyplace where an email address might be posted. Another email harvesting method, is the use of a virus to collect email addresses from the address books of infected computers and smart devices. These addresses may be the target of spoofed emails or may be used as the spoofed address. People whose email addresses have been harvested may find themselves on the receiving end of email scams or may have their addresses used in scamming others.

    One way to identify whether your email address is being used by either scammers or spammers, is to investigate returned or bounced emails that were sent to undeliverable addresses. Assuming these were not sent by you, check the IP address of the origin of the bounced email. If it is the same as that of your server, then your email account has been compromised. If the IP address is different, then the email was sent from a different server which means that your email address is being spoofed.

    To avoid becoming a victim of spoofing, never click on links within a suspect email. Instead, go to the website by typing the URL into your browser. This address should not be taken from the email. If you are asked to reply, never use the reply button. Instead, send a new email using an address you know to be correct. Whether you are asked to reply or click a link, always use a means of responding that is independent of the email sent to you.

    For more information about email security or if you would like to discuss your security concerns, please contact us.

    Spoofing: What It Is And How It’s Used In An Email Scam

    Email spoofing is the use of a fake sender address in an email message. It is used by email scammers to hide the origin of their message. By modifying the “from”, “reply” and “return path” fields of the email header, they can make the email appear to be from someone else. This is easy to do because SMTP protocol, which is commonly used in email, does not have authentication.

    The use of a counterfeit email address goes beyond merely hiding the identity of the sender. It is often used to perpetrate an email scam, where the sender assumes the identity of a trusted friend,  colleague,  well known bank, store, or payment handling business such as PayPal. The scam attempts to convince the email recipient to send money or reveal information such as a user name and password which provide access to funds of the victim. Sometimes spammers use spoofed addresses to make their emails appear legitimate in order to get past spam filters.

    The scammers typically use automated methods for gathering email addresses. Programs are used to collect emails from blogs, websites, forums, or anyplace where an email address might be posted. Another email harvesting method, is the use of a virus to collect email addresses from the address books of infected computers and smart devices. These addresses may be the target of spoofed emails or may be used as the spoofed address. People whose email addresses have been harvested may find themselves on the receiving end of email scams or may have their addresses used in scamming others.

    One way to identify whether your email address is being used by either scammers or spammers, is to investigate returned or bounced emails that were sent to undeliverable addresses. Assuming these were not sent by you, check the IP address of the origin of the bounced email. If it is the same as that of your server, then your email account has been compromised. If the IP address is different, then the email was sent from a different server which means that your email address is being spoofed.

    To avoid becoming a victim of spoofing, never click on links within a suspect email. Instead, go to the website by typing the URL into your browser. This address should not be taken from the email. If you are asked to reply, never use the reply button. Instead, send a new email using an address you know to be correct. Whether you are asked to reply or click a link, always use a means of responding that is independent of the email sent to you.

    For more information about email security or if you would like to discuss your security concerns, please contact us.

    Subscribe to
    IT Best Practices.

    STAY CONNECTED

      ALL ARTICLES

      Cloud Services

      Component Highlight: Veeam Data Protection and Backup

      READ MORE
      Cloud Services

      Meet the team – A word (or two) from our CEO, Reyner Natahamidjaja

      READ MORE
      Cloud Services

      Why you need a full cloud platform, and the pitfalls of going piecemeal

      READ MORE
      Cloud Services

      Component Highlight: IBM Flash Storage

      READ MORE
      Cloud Services

      Can You Trust Your Old Data with Hyperscale Providers?

      READ MORE
      Cloud Services

      Increasing Data Integrity & Security through multi-site replication with CloudKey

      READ MORE
      Cloud Services

      The Dissolution of AWS and their Cloud Monopoly

      READ MORE
      Cloud Services

      Meet the team – The Insights of Chris Martin

      READ MORE
      Cloud Services

      Component Highlight: Palo Alto Firewalls and Edge Security Services

      READ MORE
      Cloud Services

      How the right cloud platform can reduce your RTO and RPO

      READ MORE

      You Have The Momentum. We Help Keep It Going.

      At Global IP Networks, our mission is to keep your net working. Our team of dedicated, certified IT experts is 100% committed to your success. For over 20 years, we’ve relentlessly helped companies like yours tackle their IT challenges to maximize the security, uptime and performance of their networks.

      That’s tenacity. That’s Global IP Networks.

      wLearn More