In simple terms, email spoofing is when emails are created from a forged email address. The recipient of the email is often tricked or misled in to opening the email as it can appear it has come from a trusted source, for example, someone you know. This is why spoofing poses a threat to your security as everyone can be targeted. You may have even had this happen to you already at some point.
So why does email spoofing exist?
The answer to this, is that it is usually used with insincere intent or malice. By posing as a trusted source, also known as phishing, it can encourage the recipient to click a link or give out sensitive information. This can lead to crimes taking place such as identity theft, funds going missing from your bank account, or your contacts being accessed and also targeted.
How to tell if you’ve received a spoof email:
Often, on a spoofed email, even though you can see a legitimate email address, it could actually be from someone completely different. For example, you could have an email appearing to be from your bank, even down to the email address itself, but that’s actually not the case. You can often tell this from looking at the Header of the email as it contains all the information you need about where the email came from and how it got to you.
In the email Header, under “Received-SPF”, if you see “Pass”, that usually means the email is legitimate and if you see “Fail”, or “Softfail”, the email is probably spoofed. If you are ever unsure, or can’t find the Header, you can always forward any suspicious email to us and we will be able to tell you if it is legitimate or not, because we offer a managed service.
If you would like to find out more about our managed services, browse the site using the menu above, or email firstname.lastname@example.org.