How Does Email Spoofing Work?

October 10, 2020

1:00-2:00AM PST

Email technology has come a long way since it originated in the 1970s. Even so, core email protocols still lack any built-in authentication measures. Consequently, it has become increasingly common for email users to fall victim to spam and phishing emails designed to deceive them, which is why email encryption software is important for avoiding these cybercrimes. One such form of cybercrime is email spoofing.

What is Email Spoofing?

Email spoofing, a popular Internet scam, is the act of an individual sending an email so that it appears as though another person sent it. Typically, an email spoofing scammer will forge a sender address to impersonate a credible, recognizable source like a newspaper, financial institution, or enterprise. However, these scammers can also imitate trusted individuals, such as a recipient’s close friends or family members. Unfortunately, when an email from an allegedly legitimate email address is received, more often than not, individuals tend to approach these messages with an unwarranted level of trust. And “by pretending to be someone the victim trusts, the scammer directs their victim to a fake website that collects their personal information.” This process is commonly known as phishing.


Only within recent years have security measures been enacted to protect individuals and businesses from email spoofing attempts. Although unrefined, many solutions like DMARC, DKIM, and SPF have cropped up, making it more arduous for email spoofing scammers to carry out their attacks. Nevertheless, such kludges are not invariably applied, and a substantial host of loopholes persist. Bolstered by the ease with which scammers can accomplish forgery online, email spoofing remains a pressing security issue for all email users.

What Does Email Spoofing Entail?

Regrettably, security was an afterthought for the innovators who created what we know today as email. It was not until 2008 that updated security standards featuring the modern email structure were written. This structure contains three components: (1) the envelope, (2) the message header, and (3) the message body. Although every email program manages email uniquely, each speaks a common language, the Simple Mail Transfer Protocol (SMTP), which enables the three components of email structure to communicate with one another. And SMTP lacks any means of address authentication.

By changing various email sections to conceal the sender’s true identity, email spoofing scammers can successfully carry out their attacks. The following fields are often modified accordingly:

  • FROM: Forged name and email address
  • REPLY-TO: Forged name and email address
  • RETURN-PATH: Forged email address
  • SOURCE IP: Illegitimate Internet Protocol (IP) address

Email spoofing scammers can easily alter the “From,” “Reply-To,” and “Return-Path” sections merely by utilizing available settings on platforms like Gmail and Microsoft Outlook. However, making adjustments to a user’s IP address is rather complicated and necessitates an advanced level of technical knowledge.
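To show what checking these fields looks like on the receiving side, here is an added example (not code from the original article or from Trustifi) that compares the Reply-To and Return-Path domains with the From domain and reads the SPF, DKIM and DMARC verdicts from the Authentication-Results header. The two sample messages, all domains, and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages (not real mail); all domains are placeholders.
SPOOFED = (
    "Return-Path: <bounce@mailer-zz.example>\n"
    "Authentication-Results: mx.recipient.example; spf=pass smtp.mailfrom=mailer-zz.example;\n"
    " dkim=none; dmarc=fail header.from=bank.example\n"
    'From: "Example Bank" <support@bank.example>\n'
    "Reply-To: helpdesk@bank-support.example\n"
    "Subject: Verify your account\n\nPlease confirm your details.\n"
)
LEGIT = (
    "Return-Path: <bounce@bank.example>\n"
    "Authentication-Results: mx.recipient.example; spf=pass; dkim=pass; dmarc=pass\n"
    "From: support@bank.example\n"
    "Subject: Monthly statement\n\nYour statement is ready.\n"
)

def domain_of(header_value):
    """Lower-cased domain of the address in a header value, or '' if none."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def spoof_indicators(raw_message):
    """Return header-level warning signs for one raw RFC 5322 message."""
    msg = message_from_string(raw_message)
    from_dom = domain_of(msg["From"])
    findings = []
    # The fields the article lists as commonly forged: compare them with From.
    for field in ("Reply-To", "Return-Path"):
        dom = domain_of(msg[field])
        if dom and dom != from_dom:
            findings.append(f"{field} domain {dom} differs from From domain {from_dom}")
    # Verdicts recorded by the receiving server; trust only your own server's header.
    auth = " ".join(msg.get_all("Authentication-Results", []))
    for method in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{method}=(\w+)", auth, re.I)
        result = m.group(1).lower() if m else "missing"
        if result != "pass":
            findings.append(f"{method} result: {result}")
    return findings

if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("legit", LEGIT)):
        print(name, spoof_indicators(raw))
```

A domain mismatch alone is a signal rather than proof, since legitimate bulk-mail services often use their own Return-Path domain; the DMARC verdict is what ties the authenticated domain back to the visible From address.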

 

Generally, spoofed emails that aim to collect the target’s personal information will include a web link. The email may appear legitimate and may even feature a specific company’s logo familiar to the victim. As a result, recipients typically do not hesitate before clicking on the included link. However, when clicked, this link will immediately send the victim to the scammer’s website, usually asking them to share confidential information like their username and password. In turning over such credentials, victims enable scammers to log in to their account on a real site and potentially steal money.

Alternatively, many email spoofing scammers operate unlawful companies. As such, the email messages they send typically get flagged as spam upon delivery. Thus, these scammers will spoof an email address to appear as an above-board party to successfully reach their targets. These messages can give the impression that they originated from an average individual, a legitimate enterprise, or even a government entity. With this type of email spoofing, scammers aim to trick recipients into opening messages and reading the enclosed spam advertisements.

Why Do Scammers Send Spoofed Emails?

Although most typically carried out for phishing purposes, there are a slew of reasons why scammers might target victims with spoofed emails. For one, scammers might send spoofed emails to conceal the identity of the actual sender. Moreover, some scammers may turn to email spoofing to circumvent spam blacklists. When frequently spamming, scammers will undoubtedly be quickly blacklisted. By switching email addresses, scammers can push their spam through to their targets. Another reason to send spoofed emails is to impersonate an individual the victim knows. In doing so, scammers can successfully obtain sensitive information or even gain access to personal assets. Scammers may also send spoofed emails to impersonate a business the target has a pre-existing relationship with, allowing them to acquire confidential personal data like bank logins. Furthermore, spoofed emails might also aim to sully the image of the supposed sender. And by allowing scammers to get ahold of a target’s medical and financial records, spoofed emails can even enable scammers to commit identity theft.

How Can I Avoid Being a Target of Email Spoofing?

Among an individual’s best defenses against email spoofing is suspicion. If there is any doubt surrounding the validity of an email or sender’s legitimacy, it is best to delete it and contact the trusted sender’s email address straight away. It is imperative to avoid clicking the links included in such emails and refrain from entering any login credentials. Individuals should also avoid opening any file attachments included in these messages. Another element to keep an eye out for is an abundance of errors. Bad spelling and poor grammar, paired with an email address that is faintly incorrect, tend to give away scammers. Overall, “email spoofing is trivially easy, and the technical skills required to engage in this kind of attack are extremely low, and potentially hugely profitable.” So, email users should remain skeptical of any emails that seem too good to be true or that, conversely, seem dubious.

Keeping anti-virus and anti-malware software up-to-date will also help individuals to steer clear of email spoofing. With Trustifi, the easiest and most comprehensive email security solution on the market, businesses ranging in size from small and mid-size to enterprise will receive first-rate protection against all email spoofing and phishing schemes. Trustifi’s advanced threat protection services include spoofing, phishing, and fraud detection, stopping scammers in their tracks and keeping users’ personal, financial, and medical information secure.
