We’ve all received scam emails from strange addresses and fake accounts. By now, these messages are easy to spot. What’s tougher and worrisome is email spoofing—defined as when a hacker purposely alters part of an email or email address to make it appear as though it was written and transmitted by someone else.
Often, the sender’s account and/or domain name are formatted to appear as if the email is coming from a legitimate source. Cybercriminals can easily create an email address that, upon quick glance looks exactly like yours: firstname.lastname@example.org instead of email@example.com. Some hackers can temporarily take over your email domain, sending spam messages from your actual address that you might not notice unless a client or contact points it out to you.
The toughest email spoofs to combat are the most accurate—some can even imitate your conversational style, contact list, and email template down to the last detail, making it look like any other email you would normally receive. This makes email spoofing possibly the most frustrating cyber crime to deal with, simply because, in many cases, once a hacker starts sending out emails purporting to be from your account, it can’t easily be stopped. Sometimes it takes days or even weeks just to trace the spoofed emails to their original nefarious source.
Why does email spoofing happen? Spoofed emails are often one component of a larger phishing scam or email compromise attack. Perhaps other illicit emails are disingenuously selling an online service or fake product, hoping you’ll divulge your password or other sensitive information. Perhaps the goal is to get you to open an attachment that will infect your computer with a virus, often of the ransomware variety. Perhaps the hackers hope you’ll click on an illicit link, which can in turn take over your email account and perpetuate the email spoofing scam out to more of your contacts (and your contacts’ contacts).
What should I look for to identify email spoofing? If you receive bounced or returned emails that appear to be in response to messages that you never sent, chances are your email account has been spoofed. If a trusted contact reaches out to you and says they received a suspicious email from your domain or email address, you’ve probably been spoofed.
Scammers will alter different sections of an email to disguise the actual sender of the message. Often the From field will look familiar, but inspecting the Reply-To field can yield clues. If the Reply-To address is different from the sending address, use caution. If you suspect you have received a fraudulent email, DO NOT click any link in the message, open any attachment, or submit any requested information.
In cases of email spoofing, immediate action is required to mitigate the consequences of a scam. The faster you alert a cybersecurity professional or other trusted IT provider like CMIT Solutions, the quicker you can put the brakes on email spoofing and avoid serious impacts to your company’s reputation.
What else can you do to stay safe? Make sure email passwords are different than those used to log in to devices and social media accounts. That way, if one password is compromised, not all of your accounts will be at risk. Beyond that, user education is the first line of defense against spoofing, phishing, ransomware, and other types of cyber crimes. Making sure your employees and co-workers understand what to look for in spam and scam emails is key to protecting your business.
New email hacks emerge on a daily basis, and comprehensive security requires a proactive approach to protecting your email accounts. At CMIT Solutions, we worry about IT so you don’t have to, working 24/7 to prevent our clients from the negative impacts of email spoofing, phishing attempts, scams, data breaches, malware, viruses, and more. Contact us today to learn more.