Why Cyber-criminals Spoof Email Messages?
E-mail spoofing is so easy to do that it can be done from Microsoft Outlook, Gmail, Hotmail, Yahoo email and other email clients. You can easily send an e-mail to a friend and change the "From address" to email@example.com. When your friend receives this email message it will appear as if it came from the Online Threat Alerts (firstname.lastname@example.org).
Almost everyone would open an e-mail message if they are familiar with the sender's email address and name. So, this is the reason why scammers and spammers use this technique to trick persons into clicking on malicious/phishing links, opening malicious attachments and e-mail advertisements sent as spam.
An email message contains header information that is used by an e-mail server to route the message to the recipient. This information is not visible to you when you are reading an e-mail message, but it can be viewed from your email client's menu option. It is the header information that is altered in order to spoof an email message.
E-mail Message Header Information
- FROM Name and Address - this is the sender's name and email address.
- REPLY-TO Name and Address - this can be the sender's name/email address or another sender's name/email address. If you want to send an email message from one address, but have the recipient reply to another email address.
- RETURN-PATH Address - this is the e-mail address that the bounced e-mail message will be returned to if it fails to deliver.
- SOURCE IP Address or “X-ORIGIN” address - this is the IP address of the sender.
It is important that you remember that if you receive a suspicious e-mail appearing as if it came from a legitimate organization (bank, insurance company, school, government institution), family member or friend, contact the sender before clicking on any links, opening any attachments or following any instructions in that e-mail message.
This is because the email message may have been spoofed my cyber-criminals to trick you into opening a malicious attachment or clicking on a malicious link that will infect your computer with a virus, Trojan horse or other malware.