What Is Email Spoofing? How Scammers Forge Fake Emails
Whatsapp Pinterest
Advertisement

What can you do if someone is using your personal email address? If your family and friends get suspicious mails from your address, you might think you’ve been hacked. Similarly, if you get spam from someone you know, has their system been compromised?

Secure your inbox with our free email security course!

This will sign you up to our newsletter

Enter your Email

This is a process called email spoofing. It’s surprisingly simple to do and incredibly common.

What Is Email Spoofing?

Email contact form

Your immediate concern is, of course, that you’ve become a victim of cybercriminals. However, this often isn’t the case; instead, someone is faking your email address.

All emails come with details of the recipient and the sender, and the latter can be spoofed (which simply means it’s an imitation address).

So why have you received an email seemingly from yourself? There are a few possibilities.

The first instance is when a message can’t be delivered, so is “returned” to the address in the sender field. This will seem especially odd if you didn’t send that message. At least you now know that someone is faking your address.

Scammers can learn of your address through numerous methods, including social media accounts and mutual contacts. It could also be that your email address is in the public domain anyway; if you’re a business or have a newsletter, for instance, your address will probably be publicized. This makes life a lot easier for scammers looking to spoof emails.

Many of us send ourselves important documents and images through email as a means to back them up. This is a simple way of keeping your vital files accessible wherever you are, without the need for cloud computing 6 Reasons to Avoid Cloud Services and Keep Your Feet on the Ground 6 Reasons to Avoid Cloud Services and Keep Your Feet on the Ground Thanks to services like Dropbox and Google Drive, we're giving up a lot more than we're getting when we use cloud storage. Here's a look at why you should be worried. Read More .

Cybercriminals see this as an opportunity: an email from yourself or another contact may sufficiently pique your curiosity and you’ll click on the enclosed link.

And we all know not to trust links in emails, right? This is how viruses spread and gain private data about users. It’s one way scammers can get past whatever security measures you’ve taken. By clicking a link, you’re essentially accepting a download of any software enclosed, which bypasses even the sandboxing process your browser uses What Is the Most Secure Mainstream Browser? What Is the Most Secure Mainstream Browser? The battle for the best desktop browser will never be settled. But which is the most secure? All boast having superior protection -- but in 2017, which is the browser of choice for the security-... Read More to keep your device safe.

How Are Email Addresses Spoofed?

Sending a new email message
Image Credit: Aaron Escobar/Flickr

So how does it work? How can you spoof, and subsequently spam, an email address?

All a scammer needs is a Simple Mail Transfer Protocol (SMTP) server—that is, a server that can send emails—and the right mailing equipment. This could simply be Microsoft Office Outlook.

You need to provide a display name, email address, and login information: basically, a username and password. The latter lets you into your own email account, but your displayed name and email address can actually be whatever you like.

Code libraries like PHPMailer streamline the process; you simply have to fill out the “From” field, write your message, and add in the recipient’s address.

We don’t advise you do this, obviously, because, depending on your jurisdiction, it’s illegal.

Most email clients don’t support the practice. They typically ask you to verify that you can log into the address you’re pretending to send messages from.

There are ways around this, but scammers bypass it using “botnets” as mail servers Is Your PC A Zombie? And What's a Zombie Computer, Anyway? [MakeUseOf Explains] Is Your PC A Zombie? And What's a Zombie Computer, Anyway? [MakeUseOf Explains] Have you ever wondered where all of the Internet spam comes from? You probably receive hundreds of spam-filtered junk emails every day. Does that mean there are hundreds and thousands of people out there, sitting... Read More . A botnet is a system of infected computers, acting generally without the users’ knowledge to forward viruses, spam, and worms to other devices.

Why Did Strangers Get Emails From Me?

In rare cases, you might get an angry message from a stranger who claims you sent them a virus. Yep, this is due to email spoofing.

When one machine is compromised, malicious software scours the address book and sends malicious software to contacts using that email client. These often claim to be from a friend of the infected computer’s user.

You don’t even need to know this person—their name is being used solely because you have a mutual contact!

A virus’ modus operandi is to prosper. They spread and infect as many machines as possible to gain as much personal information, and therefore influence, as they can. Most notably, this is through malware installed on a device through subterfuge, like a Trojan horse which purports to be something useful while hoovering up your data.

If you get a message from an irate stranger, explain that this isn’t your fault. Maybe forward them onto this page so they’re aware of what can be done. You could then try to isolate which contact you’ve got in common, so you can alert them that their system has been compromised. That’s a bit of a needle in a haystack, however…

What to Do If You Get a Suspicious Email

If there’s a link in the email, do not click it. Similarly, don’t download any attachments unless you know they’re genuine. It doesn’t matter if it comes from someone you think you can trust or not.

Read up on spotting a fake email 5 Examples To Help You Spot A Fraud Or Fake Email 5 Examples To Help You Spot A Fraud Or Fake Email The shift from spam to phishing attacks is noticeable, and is on the rise. If there's a single mantra to keep in mind, it's this -- the number one defense against phishing is awareness. Read More , and don’t ignore basic practices 7 Important Email Security Tips You Should Know About 7 Important Email Security Tips You Should Know About Internet security is a topic that we all know to be important, but it often sits way back in the recesses of our minds, fooling ourselves into believing that "it won’t happen to me". Whether... Read More if the email is supposedly from someone you know. We tend to be immediately skeptical of out-of-the-blue mails from our own address, but not of unsolicited messages from friends.

Then again, the fact that you know the sender should give you an advantage. You know if they’re likely to send a link on its own with no other text around it; whether their messages are long and rambling; or whether they always make spelling mistakes.

If nothing’s immediately obvious, check through previous emails and note patterns. Do they have a signature that comes through on all their messages? Do they normally send emails via their phone, and so have “Sent from my iPhone”, for example, at the bottom?

If you’re still not sure, simply ask the supposed sender.

What to Do If Someone Is Using Your Email Address

Laptop keyboard
Image Credit: Sarah Deer/Flickr

We always advise you not to click on anything you think might be malicious. Certainly don’t click on anything if the email appears to be from your own address and you don’t recall sending it.

If the message claims to be from you, check your Sent folder. If it’s there, but you didn’t send it, your account has likely been compromised. Equally, if you look on Gmail, you can see “Last Account Activity”, which might give you an indication about whether someone else is logging into your account.

You must change your password straight away. Check out these tips for creating a stronger password 7 Ways To Make Up Passwords That Are Both Secure & Memorable 7 Ways To Make Up Passwords That Are Both Secure & Memorable Having a different password for each service is a must in today's online world, but there's a terrible weakness to randomly generated passwords: it's impossible to remember them all. But how can you possibly remember... Read More .

Unfortunately, there’s very little you can do about spoofing, apart from become more savvy about spam.

But you need not feel entirely useless because you might be able to ascertain the Internet Protocol (IP) address from an email. You can trace the origin of email by learning to open headers and finding the IP address. This might look intimidating, but from there, you can then trace that to a PC How to Trace an IP Address to a PC & How to Find Your Own How to Trace an IP Address to a PC & How to Find Your Own Want to see the IP address of your computer? Perhaps you want to discover where another computer is situated? Various free tools are available that tell you more about a computer an its IP address. Read More .

How Else Can You Protect Yourself?

It can be a frustrating situation to find yourself in, but fortunately, more people recognize email spoofing as a scam, immediately sending such items to the trash.

They do serve as a timely reminder that we always need to keep every aspect of our online lives secure—that means social media feeds, your browsers, and your email accounts. You should familiarize yourself with the common email security protocols 7 Common Email Security Protocols Explained 7 Common Email Security Protocols Explained How do ISPs and webmail services protect email users? Here's how the seven email security protocols keep your messages safe. Read More . And speaking of spoofed addresses, find out if dark web scans are worth the cost The Experian Dark Web Scan: Do You Need It and Can You Trust It? The Experian Dark Web Scan: Do You Need It and Can You Trust It? Do you need the Experian dark web scan, and what does it really do? We examine dark web scans and whether they're worth the cost. Read More .

Image Credit: cienpies/Depositphotos

Explore more about: Email Tips, Online Security, Phishing, Spam.

Enjoyed this article? Stay informed by joining our newsletter!

Enter your Email

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. FreddieInick
    January 30, 2019 at 7:02 pm

    [img]https://cdn.slidesharecdn.com/ss_thumbnails/14316190165554c5c8dbd85-150514155659-lva1-app6892-thumbnail-3.jpg[/img] This is one among the main considerations that needs to be checked out on the subject of getting a backpack that can carry your computer and even the bare essentials for a camping journey with just a few of your friends. 60 Euros but good luck getting your arms on a pair! Currently, the books are open and a 91mm mod starts at 50 Euros plus the cost of the wood and the SAK software itself. One might create a fire, scale a fish, open canned goods (if out there) and mainly perform any needed task to remain alive for a short time period. Robert’s books are presently open and the easiest way to succeed in him is by way of a direct message on Instagram. This is the most effective Swiss Army Climber Pocket Knife we have now come throughout. Victorinox Original Swiss Army Climber Pocket Knife (Red)Another great journey knife from Victorinox. The Green Technology in Victorinox started in the twenty first century.

    He is a modder out of Germany and you’d be finest served to actually navigate his site in ascending chronological order because I truly consider a few of his most superb items had been made previous to the legal complications with Victorinox. The knife itself will most likely be helpful daily, however outfitting your knife with a good set of weekly helpful equipment is the perfect approach to go. The sky’s the restrict, so it’s finest to contact him on to get a quote on your dream SAK. Just use the contact kind on his webpage and be sure to check out Facebook for additional information. Increasingly more persons are heading out and seeking the solitude and beauty of nature. This may be a reason why I carry a key-chain instrument, so people won’t pick on my treasured blade to pry stuffs. Okay hear up as a result of things may get confusing. Just a few issues to notice about Daily Customs.

    I can't identify another modder that keeps issues as related. He has too much in store for the future as properly, including Damascus work, making use of his Spydernox Midas contact to the 74mm Executive, and a few others he still has underneath wraps. Most of the aforementioned objects may be engraved for that special touch. In brief, if you are on the lookout for a watch that you can look great in and that can last you a very long time, your search is over. We're principally taking a look at titanium and brass right here, brass liners, and a signature Swiss cross reduce-out. Sean works out of his garage and mostly makes use of his Mini-Mill which allows him to form his scales and liners, engrave the cross, and drill holes for the screws. He also uses a easy bench grinder and a Ken Onion Workshop to get a nice bevel and edge on his knives. Like other modders, Christoph is a one-man present, with a small workshop in his German house.

    I a lot desire a deep carry clip, like what SAKModder has on his customs. Daily Customs does not hassle with this. Daily Customs allows for an optional clip and their implementation is tremendous clean and intelligent. This also embrace orange peeler with scraper which is beneficial for all in their day by day job. As what you see above, the Nite Ize DoohicKey is a part of my on a regular basis carry. A fantastic technique to see the city is on a riverboat which capabilities just like a city bus. Every producer of metal scales at all times instructs you to press fit them but this is rarely doable, the way in which it's with plastic scales. The strap can be of leather-based or steel - once more of many colors and designs. If you are eager on grabbing one of these gems, you'll be able to check out his Facebook web page. I listed him last because his custom scale work is out of this world. I used to be stunned to study that Kamil, a really proficient engineer, designs and builds custom the CNC machines which do the work for reducing out blanks and engraving duties. It doesn't make kitchen work sooner and simpler, it also makes it safer with sharp-edged knives.

    He just lately picked up a Mini-Lathe which is able to lastly permit him to make threaded standoffs, setting him aside from other makers. Basic tools that you'll want regardless of if you are at residence or on the go is a survival knife, flashlights with further batteries, or perhaps a flashlight that has a hand crank. Most firms have salesmen or different employees on the road so handing one of these kits to your travelling buyer will at all times go down properly. Stormtroopers also make an look, as well as varied textures and patterns. Within the meantime, make sure to check out his Instagram and webpage the place he sometimes posts new projects. Since then, he has teamed up together with his brother, Kamil, and they've been figuring out of the basement of an old industrial building in the old part of Gdansk, town the place Andrzej resides. As a toddler, Andrzej was fascinated with Ray Mears’ guide The Survival Handbook and was obsessed with making his own survival knife.