Whilst you may not know of its official name, you may have been unfortunate enough to experience email spoofing.
This is where the sender pretends to be someone they are not by using that person’s email address. It could be anyone, your friend, your parent, your boss or a work colleague or even your bank. This process for the sender works most effectively where the person they are pretending to be has a trust position or some influence over the receiver.
Here’s our handy guide to email spoofing and how you can protect yourself and your business:
Reasons why spoofing happens:
There are a number of reasons that someone might pretend to be someone else and whilst they may seem obvious, it is worth highlighting them to ensure that you are aware and can learn how to look out for them.
1) Identity theft – this could be the start of a process where someone is trying to steal your identity by asking you for information that could be personal and used to compromise you in some way
2) Maliciousness – giving someone a bad name – if you pretend to be someone else you can say anything that you want and get the real person in a lot of trouble.
3) Spamming – it is common that if you send hundreds and thousands of emails from your one account, you get black listed. If you are constantly changing your sending address, this won’t happen and you can carry on spamming
4) Pretending to be credible – it may be that you are targeted by a person or organisation that is known to you. You may be asked for bank details, passwords and personal information.
What can be done? The following lines of defense should be employed to counter this:
1) If you don’t know who the email is from – just delete it
2) If you think you know the sender but the contents contain something that is unprecedented, or a strange request, then don’t open it. Delete it and make contact with that person and double check.
3) If points 1 or 2 are true, and there is an attachment – don’t open the attachment.
4) Check the “from” address of the sender to make sure that there aren’t any typos in the name, or it is from a genuine looking source
5) If the email is suspicious and it contains links to websites, then check the website that it wants to take you too before clicking on it. Paypal spoofing emails are incredibly common.
What can we do to help?:
- There are a couple of ways that Intalect can help. There are software applications and internet services that can be implemented which scan these types of emails and stop them before they get to you.
- Also, we can set up various things in your domain name such as SPF (Sender Policy Framework) records which can be set to further restrict where your email traffic comes from and ensure it arrives from safe sources.