What is email spoofing:
Email spoofing is when the sender of an email, typically a spammer, forges (spoofs) the “From” address in the email header so the message appears to have been sent from a legitimate email address that is not the spammer’s own. The tactic increases the spam message’s apparent authenticity: you’re more likely to open email that purports to come from a person or a company you know than email that comes from a total stranger.
What to look for:
If you’ve received an email you suspect is a spoofed email, you should be able to see the IP address for the computer that sent the spam in the header of the email, allowing you to determine where the message came from. You can then contact that PC’s Internet service provider and have that IP address blocked. In the short term, that may stop the email spoofing and the bounced messages.
In the header of the email, you should be looking for something like this:
Received: from [220.127.116.11] (18.104.22.168.servername.com [22.214.171.124])(Authenticated sender: firstname.lastname@example.org)by something.servername.com (Postfix) with ESMTPA;
Fri, 4 Jul 2016 19:28:23 +0000 (UTC)
This is just an example using fake information, but the key thing to note here is “Authenticated sender”. It means the mail server accepted the message only after the sender authenticated with a username and password, so the message was actually sent through the outgoing mail server using the email account’s login credentials rather than a forged “From” address alone. This is when you should run a full system virus scan and change your password as mentioned above.
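The check described above, as an added example that is not part of the original article: a small Python script that walks the Received: headers of a raw message, pulls out the connecting IP address and any “Authenticated sender” tag, and reports whether the message was relayed with account credentials (change the password) or merely forged (report the origin IP to its ISP). The two messages and all hosts and addresses in it are constructed for illustration.

```python
import email
import re

# Constructed sample messages (not from the article); the IP addresses are
# RFC 5737 documentation ranges, not real hosts.
AUTHENTICATED = """Received: from [203.0.113.5] (203-0-113-5.example.net [203.0.113.5])
\t(Authenticated sender: alice@example.org)
\tby mail.example.com (Postfix) with ESMTPA;
\tFri, 4 Jul 2016 19:28:23 +0000 (UTC)
From: "Alice" <alice@example.org>
Subject: test

hello
"""
FORGED = """Received: from mx1.example.com (mx1.example.com [192.0.2.10])
\tby mail.example.com (Postfix) with ESMTPS;
\tFri, 4 Jul 2016 19:30:01 +0000 (UTC)
Received: from host.example.invalid (unknown [198.51.100.7])
\tby mx1.example.com (Postfix) with ESMTP;
\tFri, 4 Jul 2016 19:29:58 +0000 (UTC)
From: "Alice" <alice@example.org>
Subject: forged

hello
"""

BRACKETED_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
AUTH_SENDER = re.compile(r"Authenticated sender:\s*([^\s)]+)", re.IGNORECASE)

def analyze_received(raw):
    """One record per Received: header, ordered from the hop nearest the
    sender to the hop nearest the recipient."""
    msg = email.message_from_string(raw)
    hops = []
    # Each relay prepends its own Received: line, so the last header in the
    # message is the one added first, i.e. the hop closest to the origin.
    for hdr in reversed(msg.get_all("Received", [])):
        text = " ".join(hdr.split())  # unfold continuation lines
        ip, auth = BRACKETED_IP.search(text), AUTH_SENDER.search(text)
        hops.append({"ip": ip.group(1) if ip else None,
                     "authenticated_sender": auth.group(1) if auth else None})
    return hops

def classify(raw):
    """'credentialed' -> account login was used, change that password;
    'forged' -> no authentication, report the origin IP to its ISP."""
    hops = analyze_received(raw)
    if not hops:
        return ("unknown", None)
    if hops[0]["authenticated_sender"]:
        return ("credentialed", hops[0]["authenticated_sender"])
    return ("forged", hops[0]["ip"])
```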
How to prevent email spoofing:
While there is no foolproof way to prevent email spoofing, we recommend you adopt some email security best practices:
- Change your password frequently
- Always run full virus scans on your computer (at least once a week)
- Avoid including your email address in online blogs and posts. Try using [at] and [dot]com instead of @ and .com to prevent malicious crawlers from harvesting your address.
- Avoid using your primary email account for everything online. If you are signing up for something like a mailing list, contest, application form, or something similar, use a free throwaway email account like Hotmail, something you don’t mind deleting if it gets abused.
- Only use your primary email to communicate with people you know or trust.