What is email spoofing and how you can prevent it

Cybercrime cost businesses more than $600 billion in 2017. As a small- to medium-sized, you may think that you won’t be impacted by cybercrime. You may think “who would want to attack my business” or “we’re not big enough to be interesting to cybercriminals.”

You would be wrong.

Most cybercrime isn’t the headline-grabbing identity theft or massive attacks that have hit the likes of Target and Capital One. Most cybercrime is on a smaller scale from criminals hoping that lots of little attacks will go undetected long enough for them to make a killing.

One of the most pernicious forms of this type of cybercrime is known as spoofing.

What is email spoofing?

Spoofing is when cyber criminals pretend to be someone they are not in order to gain trust and get information. They do this by impersonating a person or source that is known to you or your business.

By one estimate, successful spoofers can hide within your network for an average of 146 days before being detected. That is more than enough time to access your important and sensitive data.

So how do they do it? They use technology to disguise their communications so it appears that it is coming from a person or organization they know you trust. That could be through fake email addresses or phone numbers. It could also be through fake IP addresses that redirect internet traffic or through fake ARP data in a local access network.

Email spoofing specifically refers to when cybercriminals create and send emails from an email address designed to fool their intended victim. Sometimes the email address is forged to seem like it is coming from your network administrator or IT team. Sometimes the email address is forged to seem like it’s coming for your bank, utility company, or another official source. In either case, they will use an address that’s likely to instill trust so you’re more likely to share the information they are asking for.

Email spoofing is the most common form of spoofing because email is a relatively open and unsecured system that allows you to easily message with people. This openness leaves it open to abuse. There are even websites that allow cybercriminals to quickly and easily spoof email addresses.

Spoofing or phishing?

If you have a general knowledge of cybercrime practices, email spoofing may sound like another popular cybercrime that we’re all familiar with: phishing. Phishing is another email scam that tries to get its victims to share sensitive and personal data with a stranger. These two tactics are, in fact, very similar and are often used together.

The difference between phishing and email spoofing is that email spoofing refers only to the practice of faking an email address to gain the victim’s trust. Phishing refers to the practice of writing fraudulent emails to get access to sensitive data.

There are plenty of phishing schemes out there that don’t use email spoofing to gain trust. Most of those emails end up in your trusty spam filter, exactly where they belong. However, more sophisticated phishers will use email spoofing to fool your email system’s spam filter, which is why you need to be vigilant when checking your email.

How to detect email spoofing

By targeting staff directly, email spoofing attacks can be the hardest to spot. Not all of your employees are IT experts and many have never even heard of email spoofing. Some may know what to look out for but many don’t. It’s important to inform and train your employees about this kind of attack and what they should be on the lookout for when checking their email.

These are the warning signs of email spoofing.

  • Non-specific email domain. Your bank, utility company, or network administrator will never email you from a yahoo.com or gmail.com email address, even if their name appears in the beginning portion of the email address (ie [email protected]). Most email spoofers are hoping that you are like the majority of the world who only skim the email contact details. By having the key trust factor as the first part of their email, they are hoping that you just pick up on that and not the service where the email originated.
  • Generic greeting. Whether the supposed sender knows you personally or is a company you patron, they will use your first name in their greeting because they know it. Any email that begins with “Dear customer” or just uses your email username is coming from someone that doesn’t already have access to your information and shouldn’t be trusted.
  • Request for personal information. Again, the people and organizations that email spoofers are pretending to be already have your information. You gave it to them when you were hired or signed on to be a customer. They will never ask for it through email because they know the dangers posed by email spoofers and how insecure email can be.
  • Strange attachments. In an attempt to fool spam filters, some spoofers will put the malicious content in an email attachment. These attachments will likely have .HTML or .EXE in their filename. These attachments can install malware on your device that will collect sensitive information and send it back to the spoofer.
  • Weird mistakes or inconsistencies. Remember that, odds are, any email that comes from a legitimate source will be proofread and edited to make sure it looks and sounds professional. They will spell your name correctly. Their name will match their email address. There won’t be weird typos. These are all warning signs that the email is coming from an email spoofer.
  • Sense of urgency. Spoofers are relying on you to make a decision quickly before your brain can register that something is off. Warnings like “Your account will be closed!” or “You are about to be fined!” or “You are going to be sued!” are designed to throw you off balance. The more panic they can induce, the more likely you are to fall for their scam. Legitimate companies will never communicate with you like this through email.
  • URL typos. Have you ever been asked to visit a website like verizon.co? That was probably a spoofed site designed to steal your login information. Spoofers will try and pass their site off as the real thing using spelling tricks or different domain extensions. Be careful and don’t click on suspicious links.

H Grant Designs Is Here To Help!

Email spoofing is one of the more common tactics cybercriminals use and can be tricky to spot. But careful email monitoring and simple training can help you and your employees identify this form of cybercrime to keep your business and your employees safe and secure. Contact H Grant Designs Today!

Posted in