What is email spoofing?

Last Updated On: March 11, 2019

Email spoofing is when the sender of an email, typically spam, forges (spoofs) the email header “From” address so the email being sent appears to have been sent from a legitimate email address that is not the spammers own address.

 

Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a tactic used in phishing and spam campaigns because people are more likely to open an email when they think it has been sent by a legitimate source. The goal of email spoofing is to get recipients to open, and possibly even respond to, a solicitation.

 

Although most spoofed email falls into the nuisance category and requires little action other than deletion, the more malicious varieties can cause serious problems and pose security risks. For example, a spoofed email may purport to be from a well-known shopping website, asking the recipient to provide sensitive data such as a password or credit card number. Or the spoofed email may ask the recipient to click on a link that installs malware on the recipient’s computing device. One type of spear phishing used in business email compromises, involves spoofing emails from the CEO or CFO of a company who works with suppliers in foreign countries, requesting that wire transfers to the supplier be sent to a different payment location.

 

Steps to follow

1. Scan your local PC with some up-to-date antivirus software.

2. Change all passwords for your email accounts to make sure they are fully secure.