What is Email Spoofing and the Dangers?
Dec 11, 2014
Jan 28, 2013
E-mail Spoofing is the process of changing the sender's email address, name and other routing information of an e-mail message, to make the e-mail appear as if it came from someone else. So, although an e-mail message may have appeared as if it came from someone or has that person's e-mail address in the "From" address line, it doesn't mean it was sent by that person.
Please continue reading below.
Why Cybcer-criminals Spoof Email Messages?
E-mail spoofing is so easy to do that it can be done from Microsoft Outlook, Gmail, Hotmail, Yahoo email and other email clients. You can easily send an e-mail to a friend and change the "From address" to firstname.lastname@example.org. When your friend receives this e-mail message it will appear as if it came from the president at the whitehouse (email@example.com) .
Almost everyone would open an e-mail message if they are familiar with the sender's email address and name. So, this is the reason why scammers and spammers use this technique to trick persons into clicking on malicious/phishing links, opening malicious attachments and e-mail advertisements sent as spam.
An e-mail message contains header information that is used by an e-mail server to route the message to the recipient. This information is not visible to you when you are reading an e-mail message, but it can be viewed from your email client's menu option. It is the header information that is altered in order to spoof an email message.
E-mail Message Header Information
FROM Name and Address - this is the sender's name and email address.
REPLY-TO Name and Address - this can be the sender's name / email address or another sender's name / email address. If you want to send an email message from one address, but have the recipient reply to another email address.
RETURN-PATH Address - this is the e-mail address that the bounced e-mail message will be returned to, if it fails to deliver.
SOURCE IP Address or “X-ORIGIN” address - this is the IP address of the sender.
It is important that you remember that if you receive a suspicious e-mail appearing as if it came from a legitimate organization (bank, insurance company, school, government institution), family member or friend, contact the sender before clicking on any links, opening any attachments or following any instructions in that e-mail message.
This is because the email message may have been spoofed my cyber-criminals to trick you into opening a malicious attachment or clicking on a malicious link that will infect your computer with a virus, Trojan horse or other malware.
Remember to leave your comment and read the ones made by others below. And, please report malicious, phishing or scam email messages, social media posts and websites to us. You may click here to contact us, or forward the email messages to: firstname.lastname@example.org .
Alert and help your family and friends by sharing this article with them: