By now, you probably know better than to send money to a Nigerian prince who needs help accessing his fortune, and you probably would be suspicious if your bank sent you an email asking for information it already has. But what if one of your close friends or family members sends an email needing a favor involving a small wire transfer or loading a prepaid card with funds to get them out of a bind?
You wouldn’t want to let your friend or loved one down in a time of need, and you know they’ll pay you back. Only problem is, the email is a spoof. It looks legit, but your friend or family member didn’t send it.
Spoofed emails are similar to phishing emails. Phishing emails try to lure you into giving up sensitive information. Spoofed emails may do the same, but they can also be advertisements (i.e., spam), other types of scams, or malicious messages that attempt to get you to download malware or click a link.
The hallmark of email spoofing is that it arrives disguised as being from someone else. In some cases, the spoofed person’s account has been hacked, but this isn’t normally the case.
All an email spoofer really needs is a SMTP server and email software. The SMTP server allows the spoofer to display a fake sending address. If you look closely, you can still see the actual email address. The spoofers are counting on the fact that most people won’t give the message a second look.
Fortunately, there are some technologies being used today that make a dent in email spoofing. For example, Sender Policy Framework (SPF) communicates with the server associated with the spoofed domain, comparing the IP address of the sending server with that of the SPF record of spoofed domain. This all happens in the background. If the two IP addresses do not match, the spoofed email won’t land in your mailbox.
SPF makes a dent, but it’s not perfect and spoofed messages may arrive in your email inbox. Get in the habit of comparing the person’s name and email address in the message. Most email clients have a means of viewing the message’s headers. For example, if you receive an email from email@example.com but the message’s header shows that the email came from firstname.lastname@example.org, you could be dealing with a spoofed email.
Another clue is when the message doesn’t match what you know about the sender. For instance, if your mom always opens her messages with a “Hey Sweetie,” and a spoofed message from her skips this term of endearment, it could be a spoof. Some spoofers don’t take their disguises any further than the spoofed name. They just want you to click the link or open the attachment.
In general, if a message contains a link or an attachment, be skeptical. Get in the habit of typing URLs directly into web browsers rather than clicking on links in emails. While links are convenient, they’re also easy to spoof. Keep in mind that most organizations such as banks, government institutions, insurance companies, PayPal, eBay, and others will never ask you to update or confirm your information through email.
What else can you do about email spoofing? Quikteks offers a comprehensive spam blocking solution that can keep your inbox free of spam, spoofed messages, phishing messages, malware, and more. By protecting your organization’s email system with a spam blocker, your employees can go about their business without being tempted to click on malicious messages. Your network will be more secure as a result.
To learn more about fighting spam, give us a call at (973) 882-4644.