Contact us today!
(518) 203-2110

Evolve IT

Evolve IT has been serving the Saratoga Springs area since 1995, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Tip of the Week: Know What Email Spoofing is So You Don’t Get Taken

b2ap3_thumbnail_email_spoofing_400.jpgHave you ever been the target of an email spoofer? This can be a difficult question to answer, especially if you don’t know what you’re looking for. Email spoofing can appear to be from legitimate sources, but the most important indicator is if the message looks like spam or fishy in general. If you ever receive a message like this, you might wonder why your spam filter didn’t catch such an obvious trap.

Email spoofing is when a hacker sends you a message that’s disguised as someone else, particularly someone you know or are associated with. This doesn’t necessarily mean that your contact has been hacked (though it could be possible), but it’s still a problem on your end. It’s up to you to identify and delete messages before you inevitably fall for one of these phishing scams. The only way to eliminate the threat of hackers is to take them seriously, and approach scams in an educated and informed manner.

How Email Spoofing Works
Email spoofing is a simple process that sounds like a lot of work, but the reality is that anyone with the proper tools can pull it off. All a spoofer needs is access to what’s called a Simple Mail Transfer Protocol (SMTP) server, and an email software. SMTP servers are fairly simple to find for free, which makes it easy to spoof names. The one on the receiving end will still see the true email address, but it will appear to be from the address or name that the spoofer enters.

Despite how easy it is to attempt an email spoofing campaign, there are still plenty of checks available that make it more challenging to pull off these days. The most notable check is called Sender Policy Framework (SPF), which takes the IP address of the sending server and then compares it to the SPF record of the appropriate domain. If the two don’t match, the receiving server denies the message. The Huffington Post describes how this works using the following example:

Let's say someone tried to spoof Bill Gates (billgates@microsoft.com): They would send an email on his behalf > the recipient server would then talk back to microsoft.com and say "Hey, I have an email that is coming from 123.123.123.123 stating that it was sent from billgates@microsoft.com."; > microsoft.com would then tell the recipient server, "No, sorry, it should be coming from 111.111.111.111." and the message would never get delivered.

What You Can Do Against Spoofing
Email spoofing, while easy to pull off, often can’t make its way through modern email solutions like Gmail and Outlook. Even if it does make it through a spam filter, spoofed messages can still be somewhat tricky to identify at times. In particular, a spoofer who has researched their target, and who they’re posing as (i.e., “phishing”), can represent a significant risk. What you want to do is look at the email address that sent the message. If it’s different from the email address you have on file, you know it’s a spoofer.

Another obvious way to spot a spoofer is if they make absolutely no attempt to disguise themselves, or if they pose as an institution that you regularly attend. If the message holds any suspicious links or attachments, make sure that you don’t click on them. Chances are that you could be walking right into a phishing scam. If the message asks you to confirm your credentials, don’t do as they ask. Organizations like banks or government agencies will never ask you to confirm information through email. Never log into a website using the links provided in an email unless you’re absolutely positive it’s not a spoofer. Instead, try to navigate to the website through your web browser using their normal URL.

One of the best ways to protect your business from email spoofing is to use an enterprise-level spam blocking solution, like the one Evolve IT offers. By utilizing such a powerful security tool, you can prevent most of your spam from even hitting your inbox, which means you don’t have to deal with potentially malicious or wasteful messages. To learn more about how you can fight against spoofing and other types of online threats, give Evolve IT a call at (518) 203-2110.

Comments

 
No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 30 July 2025
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Blog Archive

Free Consultation

Sign up today for a
FREE Network Consultation

How secure is your IT infrastructure?
Let us evaluate it for free!

Sign up!

Free Consultation
 

Tag Cloud

Tip of the Week Security Best Practices Technology Internet Cloud Hackers Email Privacy Productivity Malware Business Software Business Computing User Tips Hosted Solutions Microsoft Upgrade Computer Efficiency Workplace Tips Google Smartphone Windows 10 IT Support Mobile Devices Innovation Gmail Network Security Ransomware Hardware WiFi Operating System Facebook The Internet of Things Social Media Bandwidth Microsoft Office Office Backup Apps Business Continuity Disaster Recovery Communication Hacking History Wireless Technology Two-factor Authentication Android Small Business Phishing Apple App Mobile Computing Best Practice Big Data communications Safety Alert Unified Threat Management Networking Quick Tips Data storage Data Windows Experience Firewall Content Filtering Cybercrime Money Mobile Device Management Network Website Smartphones Managed Service Provider Outlook Employer-Employee Relationship Tech Support Compliance Customer Service Managed IT services Drones Social Printer Browser Bluetooth Router Virtual Desktop Wireless Office 365 Securty Automation Unified Communications Document Management Saving Money Encryption Analytics Memory Law Enforcement intranet SaaS VoIP Lithium-ion battery Deep Learning Proactive IT Cortana BDR Network Congestion Social Networking Public Speaking Vendor Management Save Money Virtualization Music IP Address Laptop Monitors Government Cryptocurrency Keyboard IBM Augmented Reality Search User Google Docs Education Holiday Hard Drives Displays Cleaning Shortcut Black Market YouTube Processors Remote Computing DDoS Office Tips LiFi Staffing Downtime Heating/Cooling End of Support Word BYOD Passwords Streaming Media Help Desk Micrsooft Visible Light Communication Disaster Writing Business Management Business Growth Data Management Competition Robot Advertising Recovery Sports Presentation Entrepreneur Society Google Wallet Spam Domains Information Technology Running Cable Windows 8 Internet of Things Hacker Retail Hosted Solution Windows XP IT Services Documents Application Artificial Intelligence
QR-Code