Mail Spoofing; What is it? And what can you do?

< Top 3 Major Benefits of Running an E-commerce Website

Best ways to increase conversions on your Info or Service based website >

August 8th, 2019 at 8:37 am star

What is Mail Spoofing, and why do people do it?!?

The word spoof means falsify. A spoofed email is one in which the sender changes parts of an email to look as though it were written by someone else. Typically, the sender's name or email address and the body of the message are changed to appear as though they're from a legitimate source such as a bank, newspaper, or company the recipient does business with.

The reason scammers change email information is to get people to trust them. They hope recipients of the message will take additional steps, such as following a link to a fake website intended to collect personal information (a process known as phishing); or open, read, and respond to emails about products or services they want people to buy.

How Spoofing Works

Scammers/spoofers change different aspects of an email to disguise the true sender, including the following properties:

FROM: Name and email address
REPLY-TO: Name and email address
RETURN-PATH: Email address
SOURCE IP: IP address

The first three properties can be easily altered by using settings in Microsoft Outlook, Gmail, Hotmail, or other email software. The fourth, the IP address, can also be altered but doing so requires sophisticated knowledge.

Why Scammers Spoof

In the case of phishing, the scammer sends a spoofed email message, which has a link to a website. The message may look legitimate, and even have the logo of a company the recipient does business with, such as a bank, so the recipient may not think twice about clicking. However, if the link is clicked, it goes to the scammer's website, which is fake and has been set up to collect personal data.

The recipient may be asked to enter a username and password, and then given a message that the website is down. Meanwhile, the scammer has collected the recipient's login information for the actual site and is busy taking money out of their bank account before they realize what's happening.

Another scenario involves scammers who run illegitimate businesses. Their email messages get flagged as spam before anyone can read them, so they spoof them to make it look like the messages are from a legitimate entity. The emails may appear to be from an ordinary person, a real company, or a government agency. The purpose of this scam is to get recipients to open the messages and read the spam advertising inside.

Types of Spoofing Software

While some spoofed emails are changed by hand, the majority are created by custom software. For example, the use of mass-mailing ratware programs is widespread among spammers. These programs run built-in word lists to create thousands of target email addresses, spoof the source email, then blast the email to those targets. Or, the ratware takes illegally acquired lists of email addresses and sends spam to them.

Mass-mailing worms are also common. Worms are self-replicating programs that act as a type of virus. Once on a computer, a mass-mailing worm reads the email address book of the recipient, then falsifies an outbound message to appear as though it's from a contact in the recipient's address book, and sends it to the entire contact list. This process may offend recipients, and tarnish the reputation of the innocent sender.

How to Recognize and Defend Against Spoof Emails
As with any con game, your best defense is skepticism. If you don't believe an email is truthful or that the sender is legitimate, don't click the link or enter your login information. If there's a file attachment, don't open it. If an offer in an email seems too good to be true, it probably is, and your skepticism will save you from giving out your personal information. Finally, study examples of phishing and spoof email scams to train your eye to distrust these messages.

What to do if you Find You've Been Spoofed

Many times you won't even know your email has been spoofed until you've received a bounce back from an invalid recipient. This means that someone pretended to be you (using your email address) and sent an email to an email address that doesn't exist. And the server bounced that message back to you. What do you do if you get one of these bounced back messages? A spoofed email does not mean that your email account was hacked or hijacked. It simply means that someone pretended to be you. And anyone can do this.

First, there is currently no way to stop spoofing, especially if they masked their IP address. Email wasn't built to make sure the person sending the message is who they say they are. And that's created a headache for billions of innocent email users out there.

My additional advice is to also report it to your Internet Service Provider. They have more time and tools to do more research and may be able to block messages from the IP address. Of course, the IP address can be spoofed. But ISPs are constantly fighting this too. If you have phishing, spoofing or malware issues, contact your ISP:

Comcast: constantguard.xfinity.com/help/report-abuse/
CenturyLink: Email spam@centurylink.net ; also offers tips for spoofed phone numbers and advises customers to call CenturyLink Annoyance Bureau at 800-582-0655.

You can also report spam, phishing, spoofing and other email annoyances to these sources:

U.S. Federal Communications Commission: consumercomplaints.fcc.gov or 888-225-5322
U.S. Federal Trade Commission: Forward phishing emails to spam@uce.gov; file a complaint at ftccomplaintassistant.gov; or read more at consumer.ftc.gov/articles/0003-phishing

Also, as an extra precaution in case your email was compromised by such things as keyloggers, you should scan for any malicious software and remove any found. Then update your email passord to a new complex password.