Spoofing

Email spoofing happens when the information in an email header is falsified by a deceitful sender, to make the message appear to have been sent from a trusted source.

The aim of this deception is usually either to phish for sensitive information that the sender intends to abuse, or to discredit a person or business through impersonation and fraudulent means.

Phishing for information

A recipient who believes that the email was sent from a trusted source is more likely to reply to these messages or follow links that persuade them to provide or 'confirm' logins and passwords, credit card details, and other sensitive information.

How email header details are spoofed

Without the correct email address authentication protocols in place, such as SPF and DKIM, it’s a fairly straightforward process for hackers and other shady sources to alter the names and email addresses in the message header, to make it appear to have been sent from a known business, friend, or trustworthy contact.

One of the simplest methods of spoofing involves making tiny changes to the email domain, changes that you wouldn’t notice at first glance, so that the address appears authentic.

Changing the name of the sender is often enough to fool the recipient, as many of us wouldn’t think of checking the email address’s authenticity unless the message came across as suspicious from the outset.

If the spoofer inserts a recognized business name in the sender field, the strength of the brand will often buy enough confidence to allow the attack to succeed.

Why do senders spoof names and email addresses?

  • Changing the name of the sender hides the spoofer’s true identity.
  • Switching email addresses is a method spammers use to work around spam blacklists.
  • By impersonating someone that the recipient knows, the sender can acquire sensitive, personal information.
  • Pretending to be an existing business creates an opportunity for hackers to take over accounts and abuse them. It’s also common for them to find a way into business databases and then sell the data or use it to blackmail the hacked business.
  • Impersonating a bank or building society allows hackers to gain access to account details and assets.
  • By pretending to be someone else, especially high-profile figures, CEOs, or celebrities, a spoofer can tarnish the image and reputation of those that they’re impersonating.
  • It provides clear channels to the information required to commit identity theft.

How to prevent spoofing

It’s relatively simple to spot fake emails and spoofed names and addresses, just by paying a little extra attention to the messages we receive to be sure they’re authentic before we engage with them.

However, for the best protection, email authentication and identity detection services provide the mechanisms you need to determine which messages are hoaxes and to stop them landing anywhere near your inbox.
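
The checks described above, sketched as an added Python example (not part of the original page): it flags a brand name in the sender field that doesn't match the brand's real domain, a sender domain within two character edits of a trusted one, and SPF or DKIM verdicts other than pass. The `TRUSTED` allow-list, the domains, and the sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumed allow-list (constructed): brand name -> domain it legitimately sends from.
TRUSTED = {"example bank": "examplebank.com"}

def edit_distance(a, b):  # Levenshtein distance; catches tiny domain changes
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def auth_results(msg):
    """Collect spf= and dkim= verdicts from Authentication-Results headers."""
    verdicts = {}
    for header in msg.get_all("Authentication-Results", []):
        for part in header.split(";")[1:]:
            method, _, rest = part.strip().partition("=")
            if method in ("spf", "dkim") and rest:
                verdicts[method] = rest.split()[0].lower()
    return verdicts

def check_sender(raw):
    """Return the reasons a message's sender looks spoofed (empty list if none)."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    findings = []
    for brand, good in TRUSTED.items():
        if brand in name.lower() and domain != good:
            findings.append("display-name-mismatch")
        if domain != good and edit_distance(domain, good) <= 2:
            findings.append("lookalike-domain")
    for method, verdict in auth_results(msg).items():
        if verdict != "pass":
            findings.append(f"{method}-{verdict}")
    return findings

# Constructed sample messages (not real traffic); mx.example.net stands for your own receiver.
GENUINE = ("From: Example Bank <alerts@examplebank.com>\n"
           "Authentication-Results: mx.example.net; spf=pass; dkim=pass\n\nHello\n")
LOOKALIKE = ("From: Example Bank <alerts@examp1ebank.com>\n"
             "Authentication-Results: mx.example.net; spf=fail; dkim=none\n\nHello\n")

for label, raw in (("genuine", GENUINE), ("lookalike", LOOKALIKE)):
    print(label, check_sender(raw))
```

Only rely on Authentication-Results headers stamped by your own receiving mail server, since any header already present before delivery can be forged by the sender.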