A beginner's guide to email spoofing


What is email spoofing?

Email spoofing is a common fraud technique in which the sender address of an email is forged so that the message appears to come from a trusted source when it actually originated from a fraudulent one.

Spoofing is used as a means of phishing: to promote services, collect sensitive data or harvest a bounty. In some cases not only is the sender address forged, but the email also mimics the company's branding or email signature, making it even harder to detect.

Unfortunately, email spoofing is possible because of the design of the email system: outgoing mail servers cannot determine whether a sender address is authentic, which allows bad actors to configure any email address as the sender address in a script or application.

How can you identify spoofed emails?

It can be difficult to tell whether an email is genuine, making it easy to misjudge an email's authenticity and fall victim to phishing or other scams.

You can verify whether an email is authentic by checking the following:

  1. Check that the From and Sender addresses match.
  2. Ensure the From and Sender addresses match the contact name.
  3. The Reply-To address should also match the source domain.
  4. Does the branding match the From and Sender address?
  5. If the email includes a call to action, don't provide any information or click any links until the email is confirmed legitimate. Check each link by hovering over it: does the link match the sender domain, or does it refer you to an unknown website? If the website is unknown, the email is most likely fraudulent.
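The header checks above can be automated. The following script is an added example, not code from the original guide: it parses a constructed sample message and applies checks 1, 3 and 5 (Sender and Reply-To alignment with the From domain, and whether each link host belongs to the From domain), returning a list of mismatches. Every address, domain and link in the sample is a placeholder.

```python
"""Automate the header checks from the guide on one message (added example)."""
import re
from email import policy
from email.parser import BytesParser
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample message: every address, domain and link is a placeholder.
SAMPLE_EMAIL = b"""\
From: "Example Bank Support" <support@example-bank.test>
Sender: mailer@bulk-sender.test
Reply-To: helpdesk@example-bank-secure.test
To: customer@example.test
Subject: Action required: verify your account
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Please <a href="https://login.example-bank-secure.test/verify">verify your account</a>.</p>
<p>Or visit <a href="https://www.example-bank.test/help">our help centre</a>.</p>
</body></html>
"""


def header_domain(msg, name):
    """Return the lower-cased domain part of an address header, or None if absent."""
    value = msg.get(name)
    if not value:
        return None
    _, addr = parseaddr(str(value))
    domain = addr.rpartition("@")[2].lower()
    return domain or None


def link_hosts(msg):
    """Return the host of every href in the HTML (or plain-text) body."""
    body = msg.get_body(preferencelist=("html", "plain"))
    if body is None:
        return []
    hosts = []
    for url in re.findall(r'href="([^"]+)"', body.get_content()):
        host = urlparse(url).hostname
        if host:
            hosts.append(host.lower())
    return hosts


def in_domain(host, domain):
    """True if host is the domain itself or a subdomain of it."""
    return host == domain or host.endswith("." + domain)


def check_alignment(raw):
    """Apply checks 1, 3 and 5 from the guide; return a list of mismatch descriptions."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    from_domain = header_domain(msg, "From")
    if from_domain is None:
        return ["missing or malformed From header"]
    findings = []
    # Checks 1 and 3: Sender and Reply-To should use the same domain as From.
    for name in ("Sender", "Reply-To"):
        other = header_domain(msg, name)
        if other is not None and other != from_domain:
            findings.append(f"{name} domain {other} does not match From domain {from_domain}")
    # Check 5: links should point at the sender's domain, not an unknown site.
    for host in link_hosts(msg):
        if not in_domain(host, from_domain):
            findings.append(f"link host {host} is outside From domain {from_domain}")
    return findings


if __name__ == "__main__":
    for finding in check_alignment(SAMPLE_EMAIL):
        print("WARNING:", finding)
```

On the sample message the script reports three mismatches: the Sender domain, the Reply-To domain and the first link all point outside the From domain, while the second link (a subdomain of the From domain) is accepted. A mismatch is a signal to verify the message through another channel, not proof of fraud on its own; mailing-list software and marketing platforms legitimately set a different Sender address.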

How do I prevent my domain from being spoofed?

Thankfully, you can secure your domain against unauthenticated use (such as spoofing) by implementing a DMARC policy. A DMARC policy tells receiving mail servers how to handle emails sent using your domain that do not pass the correct authentication methods. Protecting your domain's reputation with a DMARC policy is an important measure you can take to ensure your brand remains a trusted source.
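To show what a receiving server does with such a policy, here is an added example (not code from the original guide, and not a production DMARC implementation): it parses a DMARC TXT record, checks whether a passing SPF or DKIM result is aligned with the From domain under the record's adkim/aspf mode, and returns either "pass" or the disposition the domain owner requested. The record and domains are constructed placeholders; the organizational-domain logic is simplified to the last two labels, and pct= sampling is ignored.

```python
"""Simplified DMARC policy evaluation (added example)."""


def parse_dmarc(record):
    """Parse a DMARC TXT record ('v=DMARC1; p=reject; ...') into a tag dictionary."""
    tags = {}
    for part in record.split(";"):
        key, sep, value = part.strip().partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record (v=DMARC1 must come first)")
    if tags.get("p") not in ("none", "quarantine", "reject"):
        raise ValueError("DMARC record needs p=none, p=quarantine or p=reject")
    return tags


def org_domain(domain):
    """Organizational domain, simplified to the last two labels.

    A real receiver consults the Public Suffix List so that, for example,
    'mail.example.co.uk' maps to 'example.co.uk' rather than 'co.uk'.
    """
    labels = domain.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def aligned(from_domain, auth_domain, mode):
    """Identifier alignment: 's' needs an exact match, 'r' the same organizational domain."""
    if not auth_domain:
        return False
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)


def dmarc_disposition(record, from_domain, spf_result, spf_domain, dkim_result, dkim_domain):
    """Return 'pass' if authenticated and aligned, otherwise the requested policy.

    spf_domain is the SMTP MAIL FROM domain that SPF was checked against;
    dkim_domain is the d= tag of a signature that verified. A result other
    than 'pass' is treated as a failure. pct= sampling is ignored here.
    """
    tags = parse_dmarc(record)
    spf_ok = spf_result == "pass" and aligned(from_domain, spf_domain, tags.get("aspf", "r"))
    dkim_ok = dkim_result == "pass" and aligned(from_domain, dkim_domain, tags.get("adkim", "r"))
    if spf_ok or dkim_ok:
        return "pass"
    return tags["p"]  # "none" (deliver, report only), "quarantine" or "reject"


# Constructed record for a placeholder domain; the reporting address is made up.
EXAMPLE_RECORD = "v=DMARC1; p=reject; adkim=r; aspf=r; rua=mailto:dmarc-reports@example-bank.test"

if __name__ == "__main__":
    # A spoofed message: SPF passes for the sending server's own domain, which is not aligned.
    print(dmarc_disposition(EXAMPLE_RECORD, "example-bank.test", "pass", "bulk-sender.test", "fail", None))
    # A legitimate message signed with the domain owner's DKIM key on a subdomain.
    print(dmarc_disposition(EXAMPLE_RECORD, "example-bank.test", "fail", None, "pass", "mail.example-bank.test"))
```

The first call returns "reject": SPF passing for the sending server's own domain does not help, because DMARC requires the authenticated domain to align with the From header domain the user sees. The second returns "pass" under relaxed alignment; with adkim=s the same subdomain signature would fail alignment and the policy would apply. Domain owners usually start with p=none and review the aggregate reports sent to the rua= address before moving to quarantine and then reject.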