What is Email Spoofing?
The trend of internet exploitation has moved away from viruses and trojans. Hackers are no more interested in just deploying these small infectious agents in others PCs unless there is any economic benefit in doing it. Getting access to the computers using technologies like malware, spambots, etc has become widely prevalent today.
Getting access to the computer of a well settled person is like getting access to his wallet. Since there is no complete solution for internet vandalism yet, awareness of the methods of exploitation is what can be helpful in present day situation. This article is about eMail spoofing – one of the common methods used by cyber criminals.
Understanding eMail Spoofing
A spoofed email is simply – an email sent impersonating a legitimate source. Generally, the sender will change the FROM address and other parts of the e-mail header like Return-Path, Reply-To, etc to make it appear that it originated from some other. This is generally done by adjusting settings of the email client like Mozilla Thunderbird, Outlook Express, Eudora, etc. There are a few websites too that offer sending of emails where the sender has option to enter any email address in the FROM or Reply-To fields.
Common Deceptive Tactics Used in eMail Spoofing
A standard email function like SMTP is used in email spoofing. The email programs allows them to modify email headers and thus forge the email originating identity. The most common deceptive tactic is that the spoofer sends out emails to thousands, even millions, of email accounts spoofed in name of a well-known company. The typical phishing email will contain a clever story designed to lure people into some action like clicking a link or button in the email or calling a phone number.
The link in the email might redirect you to a spoofed website which in turn will be used to capture data.
Possible Spammers intention behind a spoofed eMail
Though sending of spoofed emails is very simple compared to many of other deceptive online tactics, it has much higher potential to gain profits for the spoofer. Email spoofing is generally used for obtaining login details of financial information of a person. Once they have access to the account they can make withdrawals from the account or authorize payments for online purchases.
Identifying Spoofed eMails
Common methods to identify a spoofed email is as follows:
- Emails from banks or finance related sources that do not address you by the name you registered with them can be suspected as a spoofed email. Ebay, PayPal and banks will never send out general emails saying “Dear valued customer”, or “Dear member” etc…
- You can quickly tell if the link in the email is a spoof by hovering your mouse over the link in the email and comparing it with the link appearing in the status bar.
- View the “FULL message header” to know where the email came from
- Read your email carefully and look for any spelling or grammatical mistakes.
- Consider any website asking for your PIN (personal identification number) as a spoof.
- Some spoof sites will include pop-up message boxes. It is better if you do not entertain such emails.
- Most spoof emails will create a false sense of urgency like a message saying that your account will be locked out or deleted if you don’t act quickly.