What is Email Spoofing?
Mar. 07, 2017| Zachary Ellis
It’s happened to all of us. We open our email account and there glaring at us we see a plea for help from a friend or family member. Perhaps the email says your friend is stuck in London without any money or credentials and needs your assistance to get home. Your friend or family member pledges to pay you back after he or she returns home.
Most likely you saw the email and deleted it– which is the proper course of action. It’s a scam email called “the stranded traveler.” Unfortunately, it’s an email that some people do fall for because it’s coming from the account of a trusted friend or family member and money is sent to help out.
So why did this happen? And, what’s the best way to deal with it?
Email Spoofing Explained
What happened is a common type of scam called email spoofing. Email spoofing is designed to look like a known account, but is actually a forgery and originates elsewhere. Email spoofing is effective because those who receive the email are likely to open it because it looks like it comes from a known account. As TechTarget noted, the goal of eail spoofing is “to get recipients to open, and possibly even respond to, a solicitation.” It turns out, as Lifehacker says, spoofing emails is a fairly easy thing for nefarious hackers to do, which is one reason phishing has become such a common scam.
You've Been Spoofed, Now What?
Now that you know what email spoofing is, what’s the best way to handle it should you be on the receiving end of one of these suspicious emails? The best way to verify whether or not an email is legitimate is to contact the person who sent it and verify it was from them. If they confirm they didn't send it, delete it. Usually, a simple deletion is the best response.
However, TechTarget said there are some emails that are maliciously designed to pose security risks for an individual. As an example, some phishing and email spoofing experts clone popular shopping websites and ask the recipient to provide sensitive data like a password or credit card numbers. Or, the email could include a link that, if clicked, would install some type of malware on your computer. That’s just one additional reason it’s important to have good antimalware installed on your computer alongside a good antivirus.
So, how do you prevent this kind of malicious attack?
- Be aware of who is sending the email. Pay close attention to the sender’s name and email address. Sometimes the false email can have a .net vs. .com, or could include a /au or something similar.
- Install antimalware and antivirus software on your computer.
- Turn up the spam filters on your email account.
- Never, ever click on unfamiliar links or download unfamiliar attachments.
- Finally, if you are unsure, that’s what ITonDemand is here for. Contact us and we will be happy to analyze the email and let you know if it is legitimate or not.