What is email spoofing?

Have you received emails from an email address you recognise, perhaps a colleague or friend, containing questionable content? It’s likely that the sender’s email account has been spoofed!

Email spoofing is a nasty form of hacking. The sender alters parts of the email in order to make it appear as though it comes from a trusted source. You’ll find that ‘typically, the sender’s name or email address and the body of the message are formatted to appear as though they are from a legitimate source such as a bank, a newspaper, or a legitimate company on the web. Sometimes, the spoofer makes the email appear to come from a private citizen. These emails can often sneak into your inbox fairly easily as they confuse most email systems.

In order to spoof an email address, criminals simply need ‘an SMTP (Simple Mail Transfer Protocol) server (a server that can send email) and the appropriate email software. Many free SMTP servers will allow you to show a different ‘from’ address than the registered domain the email is actually being sent from.

What can I do?

If you believe the sender of an email has been the victim of email spoofing, don’t click on any links within the email or open any attachments. Don’t reply to the message directly. Instead, you should open a completely new message, type in the sender’s email address and let them know you suspect their email account has been spoofed.

To protect yourself from being spoofed never click on any links you don’t recognise or download any attachments from unknown senders. You should also ensure you accurately read email message headers and check domain names and IP addresses. When you float your mouse over the email address what pops up should be identical to what you’re floating over.

Protect your business from email spoofing with MailCleaner’s anti spam software. Our anti spam gateway is installed between your mail infrastructure and the Internet. It offers professional protection against viruses while eliminating up to 99% of spam.  MailCleaner detects any potentially dangerous content and regularly updates in order to protect your business from the latest scams.