Email spoofing is the act of manipulating an email header to appear as if a message originated for a legitimate source. In truth, however, it was sent with ill intent in an attempt to steal your account information or credit card details. It is used regularly in phishing and spamming schemes as people tend to open emails if they believe that their origin is genuine. Usually, email spoofing is quite easy to spot, and the most natural thing you can do is to delete the message.
Examples of spoofing emails are as follows:
- A letter that seems to have originated from a famous shopping vendor such as Amazon or eBay, requesting sensitive details such as account details or your credit card number to "verify" your account.
- Emails that contain links requesting that you install specific software, which is, in fact, malicious.
- Messages that are sent from the CFO or CTO of a company you work in, requesting that you provide them access to your internal systems with the intent of gaining financial, trade or military information, depending on your area of work.
Email spoofing can be very easily accomplished. All you need to have is a working SMTP server and mailing software, such as MailBird, Thunderbird, or Outlook. The perpetrator can then forge specific lines in the email header, such as the "RETURN-PATH", "FROM" and "REPLY-TO" fields. When this fraudulent email lands in your inbox, it will appear to have come from the addresses the person entered.
Unfortunately, there are no ways to prevent email spoofing completely. However, if you suspect that a given message you have received is fake, you can immediately inspect its source and search for the IP address of the sender. When you have it, you can investigate if it originated from a recognized vendor. Another indication that a mail could potentially be spoofed is if it failed SPF verification. This verification failure will be displayed in the source of the message.
Bellow, we will list a few practices you can implement to lessen the chance of falling victim to this exploitation:
- If you ever get the impression that a message has been spoofed, please check the source for SPF and DMARC verification failures.
- Perform reverse IP lookups using various online tools, command-line interface commands, or other means.
- Never submit personal information, login credentials, or credit card details on websites or links that are not using HTTPS.
- If your mail provider offers the option of setting email filters, please take advantage. We at HostArmada, are using the world's most powerful web hosting solutions - cPanel. It comes with two features that allow you to configure email filters for your account - the Global Email Filters and the Email Filters functionalities.
- Never share sensitive details over email correspondence.