Email Spoofing

Email Spoofing FAQ’s

The word “spoof” means “falsify.” A spoofed email is one in which the sender purposely alters parts of the email to look as though it was written by someone else. Typically, the sender’s name or email address and the body of the message are formatted to appear as though they are coming from you.

How Is Email Spoofed?

Dishonest users alter different sections of an email to disguise the true sender. . They change one letter or symbol like an “O” to a “0” or an “I” to a “1” and the recipient fails to notice the difference and replies to the email Examples of properties that can be spoofed include:

  • FROM name/address
  • REPLY-TO name/address
  • RETURN-PATH address
  • SOURCE IP address

 In many cases, the spoofed email is part of a phishing attack—a con. In other cases, a spoofed email is used to dishonestly market an online service or sell you a bogus product.

Did I do something wrong? 

If your email was spoofed you didn’t necessarily do anything that exposed you. While some spoof-altered emails are falsified by hand, the great majority of spoofed emails are created by special software. The use of mass-mailing ratware programs is widespread among spammers.

What should I do if I think I have been spoofed? 

Contact us! If the spoofing is recurring and causing a lot of inconvenience, the best thing to do would be to delete the account and start over with a new email account. Since this isn’t always possible, we can create a temporary filter in webmail to keep the bounce back emails out of your inbox until the spammer moves on. They usually only last for a week or two, sometimes less.

 We will change your email address and add the current email address as an Alias so that you keep receiving emails. You will need to contact your regular business contacts. Let your connections know that you have been a victim of spoofing and that your email address is now changed and ask them make sure they double check any emails that appear to have come from you BEFORE opening them or clicking on anything. Have them question if you asking for something you typically wouldn’t ask for. We had a client recently spoofed. An email went to the entire team asking them to click on the link and purchase some gift cards as a customer appreciation spiff. They were told they could expense the purchase on their next expense claim. It seems legit, but this was never requested before. 

How can I protect myself? 

The short answer is, not much. There are no definitive ways to prevent someone from harvesting your email address from the internet somewhere and using it for spam.

Here are a few places spammers may acquire your email address. There are programs and software designed to do nothing else but scavenge the internet for email addresses:

    • On a website contact page
    • Domain WHOIS records (Hover offers free WHOIS privacy on all domains that support this feature.  We recommend using it whenever possible)
    • Mailing lists.  Some of them are legitimate, but others may sell your information
    • Anything you post online with your email address in it

 

While there is no fool-proof way to prevent spoofing of your email address, there are some “best practices” to follow when it comes to your email security:

  • Change your password frequently.
  • Always run full virus scans on your computer (at least once a week).
  • Avoid including your email address in online blogs and posts. Try using (at) and (dot)com instead of @ and .com to prevent malicious automations from harvesting your address.
  • Avoid using your primary email account for everything online. If you are signing up for something like a mailing list, contest, application form, or something similar, use a free throwaway email account like Gmail or Hotmail, something you don’t mind deleting if it gets abused.
  • Only use your primary email to communicate with people you know or trust.

Can’t you protect me? 

We have software in place to watch for things like this. However, with that said, we can only protect you from things coming into your network through the firewall. Once we take over full support of your network we can ensure computers have regular virus scans and your WiFi is properly encrypted. The firewall we install scans your incoming and outgoing traffic, looking for any suspicious signs, such as malware or data leaks. If it finds malicious communications that’s trying to leak confidential data leakage, it acts to stop it and block the data from reaching cybercriminal servers and other infrastructure.