A perennial hacking technique, businesses continue to fall for faked emails, costing them serious time and money.
Are you aware that someone can put any name or address they want in the “from” field on an email, just like they could on a piece of physical mail? This very common hacking technique, known as “spoofing,” is often employed by hackers when trying to get you to open malicious emails.
When do hackers use spoofed emails?
- Trick your staff into opening email attachments that contain malware
- Impersonate company leadership to request sensitive information
- Gain access to valuable data from third-party vendors
- Avoid spam blacklists
Because email spoofing is a central part of many of the most pervasive cyberattacks, like spear phishing, it’s important that your staff know how to identify those fraudulent messages, as an ounce of prevention can help you avoid significant financial damage.
How to Identify a Spoofed Email
Your team can use these strategies to identify a spoofed email.
- First, see if the name and the email addresses are correct
“John Simmons <[email protected]>”Notice how the name and email address seem to be pointing at different people? That’s often an indicator that the email originated from an inauthentic email address. This easy to spot method is the most common form of spoofing.
- In some cases, hackers will put more effort into dressing up a spoofed email to make them harder to spot, which will take a little more to identify. This method involves opening the email “header” to check the data from your email server. Here’s how you do this both the popular email clients
- Gmail – Click on the ellipses (the vertical 3 dots) of the message and select “Show Original”
- Outlook – Open the message, then navigate to File -> The header will display at the bottom of the Properties window.
See a huge screen of confusing technical information? Don’t worry! We only need to check on small part of this screen to see if the message is legit.
Scroll down and look for the “Received” field. Does the domain name there correspond with the name in the “From” field in the email? If not, then you’re looking at a spoofed email.
Let Complete Network Help You Defeat Email Spoofing
The reason spoofing is possible is because the protocol that email is based on, Simple Mail Transfer Protocol (SMPT), which was designed way back in 1981, doesn’t provide authentication records.
Thankfully, there have since been updates to email system, such as Sender Policy Framework (SPF) records and Domain Key Identified Mail (DKIM), both of which can help your email server authorize and validate incoming messages.
If you’d like help securing your email accounts against spoofed emails, or a customized cybersecurity training solution to teach your employees the last email security best practices, the Complete Network team is here to help! Contact our friendly team any time at (877) 877-1840