All About Email Spoofing


Have you been there? That awkward moment when you realize a spammer has sent emails to everyone you know encouraging them to buy the latest male enhancement drug. Yep, it happens, and it’s super embarrassing.

But there are ways to avoid the intrusion and actions you can take to rectify the situation if it happens to you…

What Is Email Spoofing?

Email spoofing is when someone forges an email header so that the email looks to have originated from somewhere other than the actual sender as an act of sending spam or for fraudulent purposes.

Spammers can and will find your email address and use it for their own misdeeds. The worst part is that it typically happens to email addresses that haven’t been used for a while, so you might not know about it.

Spoofing is possible because of what is called Simple Mail Transfer Protocol or SMTP. SMTP is the main protocol used when sending email and does not include an authentication mechanism. This means that anyone with a little knowledge about a specific server can manipulate it to send messages with inaccurate header information.

Most spoofed emails are only nuisances that are quickly moved to the bin, but be aware that spoofed messages can sometimes be the means of transfer for malicious activity. Such malicious messages could potentially lead to security threats and other serious problems.

For example, if a malicious message appears to be sent from a familial person or institution some readers will feel safe enough to divulge sensitive information such as bank numbers or passwords.

To avoid further embarrassment and the potential personal threats that could occur from spoofing follow these recommended steps…

1.Find the source

If you face a spoofing situation, the first step in stopping the spam is to find out whether the problem is from within your computer or is simply being sent from someone else. In some situations, when multiple spoofed emails are being received, you could actually be the address sending the messages. You would then receive the messages that have ‘bounced back’ to your email. If you feel that you could be facing this problem or that your computer may be compromised it is essential to run a malware/virus scan as well as change your email password as soon as possible.

2.Tell someone

If you are in a situation where you are receiving spoofed email that is not originating from your own compromised email address, it’s important to let the proper channels know. If you alert your ISP (internet service provider) they can sometimes trace the IP used and stop further abuse. At the very least, they can give you some advice and help you find alternative solutions, such as closing an account that is being abused and opening a new one.

3. Be smart

Once spoofing starts there really isn’t much you can do to stop it, and you certainly can’t get the offensive male enhancement messages back from your grandmother’s email account. But, if you use some common sense when surfing the web, you can do your best to protect your address from potential spoofers.

Simple steps include keeping a primary account for personal use that you only use to communicate with people you know and trust. You can also, kleep a throw away account for public use and the never ending stream of newsletters you get from online shopping or signing up for free services. This way, if you have to delete the account you won’t miss it much.

4.Clean up

Delete any old or unused email accounts you may have to reduce risk. Also, fetch any emails from accounts you don’t want to delete but rarely check. This serves as a convenient way to keep an eye on all accounts. This limits the amount of spoofing that can be done with your name attached. Keep all of your email accounts in check and make sure to change your passwords often, at least every three months.

5.Use encryption

Prevent your emails from possible corruption by using an email encryption. This keeps all unauthorized users from being able to read your messages by making them look like digital gibberish to anyone else.

If you use a Web-based email you can use SSL (Secure Sockets Layer) encryption. You will see the padlock in the web browser whenever an SSL in in use. This adds an extra layer of protection to be certain that the only eyes seeing your sensitive information are the ones intended.

For more information about spoofing or if you feel the need for additional tech help please visit our support staff.