Email spoofing: What is it and how to prevent it
Have you ever had an email that looks like it’s from a friend, a business you’ve worked with before or a customer, only to read it and think…. there’s something not quite right here? Yeah, we have too. It can be worrying when that happens, and the first thing you might want to do is email that person back to tell them that their account has been hacked. However, that might not necessarily be what’s happened. Instead, their email address may have been spoofed (email spoofing).
Email Spoofing is when the header of an email is forged to make it look like the email came from a different email address to the one that actually sent it. It can be used to trick recipients into handing over personal information or downloading malware to their computer or network.
For example, let’s say you received an email from firstname.lastname@example.org telling you that they have sent you a 50% off voucher. You LOVE ‘ABC Business’ and have purchased from them many times before, so you open an email attachment that supposedly contains your discount voucher. Whoops. You’ve just opened a malicious file. How? Because that email was ACTUALLY sent by email@example.com and it tricked you into thinking it was from the authentic email address. You have been email spoofed.
Another way that Email Spoofing can be used is to send out spam to thousands of scraped email addresses. You know those fake PayPal/eBay/HMRC emails that we keep mentioning in our blog posts? Email spoofing is one of the ways in which they are sent.
Cybercriminals target a random domain name and then spoof it to send emails from address like sales@, admin@ or even randomly generated strings such as sales12456@ to thousands of unsuspecting recipients. The spammers hope is that those emails are opened and the attachments downloaded in order to spread their malware. If that happens, the person who fell for their scam then blames the domain name that was spoofed, rather than tracing it back to the actual sender.
How to prevent Email Spoofing
Unfortunately, there isn’t a failsafe way to prevent someone from spoofing your email address. The way in which SMTP servers (how emails are sent) work makes them susceptible to spoofing – and it’s worryingly easy for cybercriminals to accomplish.
There are, however, still features you can put into place to help detect spoofed emails that are sent to your inbox. Adding Sender Policy Framework (SPF) records to your website’s DNS information will increase the chance of spoofed emails being identified. It’s an additional security measure that aims to validate the sender information of incoming spoofed emails. It’s not a 100% fool-proof method, but it can still be very effective.
Spambrella – How we protect your business from Email Spoofing
Spambrella offers robust protection against impostor email threats (also known as email spoofing), business email compromise or CEO fraud. Suspected imposter emails are identified as inbound messages from the internet where the “from” domain is one of the company’s internal domains.
These messages can be quarantined for further review and released if appropriate. Organizations can also create exceptions in order to allow delivery of emails from approved senders, such as an externally delivered marketing communication.
If you’re interested in SPF record protection for your personal or business emails, contact Spambrella to find out how we can help. We will also be happy to set up filters specifically for your business to deter and contain CEO fraud email spoofing attempts.