What is email spoofing and why it is a threat to your business

Updated at: Oct 01, 2019
By Gatefy

What is email spoofing

Email spoofing is a technique used by cybercriminals to apply scams and threaten your email protection. The email spoofing happens when a fraudster creates fake sender addresses to deceive his victims. It’s a tactic widely used in phishing, spear phishing and spam campaigns.

Email spoofing is possible because the sending of messages is based on SMTP protocol, which doesn’t have advanced authentication mechanisms. That's why attackers can identify themselves as being from someone else's domain. In other words, they can use your company's domain and you won't even know it.

Email spoofing in practice

Spoofing is used for various purposes. Imagine that someone is using a bank's fake domain requiring you to update your account information, otherwise you could lose access to your account. But, to do it, first you have to provide your login and password.

Another example: you receive an email of an unmissable special offer from your favorite clothing store. So you click on the promotion banner, access the website, which is a fake version, and make a fake purchase using your credit card. Yes, they now have your credit card information.

It’s also possible for the criminal to send you a malicious link or attachment with the purpose of infecting your device with a virus, trojan or malware. The hacker can then access and control your device.

In more elaborate scams, the attacker will impersonate someone you know, such as your boss or a company that you regularly do business with, to request a wire transfer or a bill payment. That’s a Spear Phishing scam.

Solutions: SPF, DKIM and DMARC

There are tools to minimize email spoofing risks and enhance your email security. SPF (Sender Policy Framework), DKIM (Domain Keys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting & Conformance) authentication protocols work precisely to increase the protection of your email network.

Basically, SPF, DKMI, and DMARC work to prevent other servers from sending emails using your domain. Ideally, your business should use all three protocols for maximum protection.

Secure Email Gateway (SEG)

A good Secure Email Gateway software should help you with the setup of these types of protocols. In addition, a SEG has other tools to keep your business secure and your email protected, such as anti-spam, anti-virus and Sandbox.

Avoid forgery

The FBI and the Federal Trade Commission recommend some security measures to avoid spoofing and increase your email protection, such as:

- Be suspicious of emails that require sensitive information.

- Avoid filling out forms in email messages.

- Check URLs and attachments before clicking on them.

- If you need to update an account, log in directly in the company's website.

- If in doubt, check the veracity of the message by other means, such as by phone or through the company's official customer support. If the message is apparently from someone you know, get in touch to confirm its veracity by creating a new email and sending it to an address you know is legitimate, instead of hitting "Reply".