What is spoofing?
Spoofing is a fraudulent practice in which communication is sent from an unknown source, disguised as a known source, to the receiver. E-mail spoofing is one of the most common types of spoofing. It's a tactic used by spoofers in phishing and scam campaigns to trick recipients.
E-mail spoofing occurs when a sender’s e-mail address is faked to fool the recipient into thinking the message was sent by someone else. It is often done by imitating a friend, family member, or legitimate business. It commonly occurs in spam messages and is something to be aware of, especially when the content of the message does not appear to be something that the person or business in the ‘From’ field would send. This method of spoofing is most commonly used to convince users that the e-mail is safe whilst in reality it may be used for malicious purposes.
Spoofed e-mails may request personal information, for example by asking the recipient to reply with an account number for verification. The spoofer is then able to use the account number for criminal activities such as identity theft, changing the contact details, or accessing the recipient’s bank account.
How can I avoid spoofing?
The two biggest problems that cause people to get listed on spoofing databases (lists of email addresses that spoofers target) are:
- Clicking on a link in phishing emails and freely submitting and confirming their email address to the list;
- Forwarding to mass groups of people in the CC instead of the BCC field, which exposes the recipients’ email addresses and makes them vulnerable to spoofers.
How can I check whether a message is spoofed?
- Think critically about the content of the email - If the content seems out of character given the source, or asks for sensitive information that the sender should not need, please contact the presumed source to ask if the message is legitimate;
- If a message is not specifically addressed to you, be very careful, and do not open any attachments or downloads as they may contain malware.
- Be aware of hyperlinks and URLs embedded in the message, as they may not always link to what they appear to link to. In some cases, a message may pretend to direct you to a safe environment, your bank login screen for example, but may instead link to a fake version of that page to trick the recipient. A way to determine if a link is trustworthy is by hovering over it with the mouse. When doing so, most browsers will display the full URL of the hyperlinked text at the bottom of the window. If the URL does not match the page it is supposed to direct to, it is likely malicious.
- To check the sender's real email address, please do the following:
1. Open the message in StartMail webmail, and verify the sender by clicking the Show full header link.
2. Examine the line that lists the Return-Path. If its domain does not match the domain in the From field of the email, it is likely that the message is spoofed.
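The Return-Path check in step 2 can be automated on a raw message. The following is an added example written for this page, not StartMail's own code; the two messages and their addresses are constructed samples.

```python
import email
from email.utils import parseaddr

# Constructed sample: the From header imitates a bank, but the Return-Path
# (the envelope sender that receives bounces) belongs to an unrelated domain.
SPOOFED_RAW = """\
Return-Path: <bounce@mailer.example.net>
From: "Example Bank" <alerts@examplebank.example>
To: you@example.org
Subject: Verify your account

Please reply with your account number.
"""

# Constructed sample: Return-Path and From agree on the domain.
LEGIT_RAW = """\
Return-Path: <alerts@examplebank.example>
From: "Example Bank" <alerts@examplebank.example>
To: you@example.org
Subject: Monthly statement

Your statement is ready.
"""


def domain_of(address_header):
    """Return the lowercased domain of an address header, or '' if absent."""
    _, addr = parseaddr(str(address_header or ""))
    return addr.rpartition("@")[2].lower()


def check_return_path(raw_message):
    """Compare the Return-Path domain with the From domain.

    Returns (from_domain, return_path_domain, suspicious). The message is
    flagged suspicious when either header is missing or the domains differ.
    """
    msg = email.message_from_string(raw_message)
    from_domain = domain_of(msg.get("From"))
    rp_domain = domain_of(msg.get("Return-Path"))
    suspicious = not from_domain or not rp_domain or from_domain != rp_domain
    return from_domain, rp_domain, suspicious


if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED_RAW), ("legit", LEGIT_RAW)):
        print(label, check_return_path(raw))
```

A matching domain is a necessary but not sufficient sign: the envelope sender can be forged as well, and legitimate bulk mailers often use a separate bounce domain, so treat a mismatch as a prompt to verify with the presumed source rather than as proof either way.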