The other day I got an instant message from a friend who franticly told me “I keep getting spam from myself!” He went on to explain that his torch and pitchfork-carrying co-workers were also seeing the same thing.
One thing led to another, paranoia grew into pandemonium, and before they knew it everyone was throwing around the “R” word. Thankfully, before they “reformatted” every computer on their network with hopes of closing the door on the supposed hacker, my friend wisely called on me (his buddy in the email security business) to offer some insight. “Worry not my friend. Worry not.” I confidently exclaimed . “All you’re seeing is a spoofed email address, nothing more.” As I went on to tell him about the ins and outs of email spoofing, his mind was put at ease and his company’s network-wide reformat was safely averted. But what exactly is email spoofing? I’ll explain to you as I did to him.
What is email spoofing?
Email spoofing is a tactic that spammers use to make your email server think that you are sending a message to yourself, therefore it is “OK” to let the message through. In actuality the messages are not from you…it just looks that way. Wikipedia explains it well:
E-mail spoofing is a term used to describe (usually fraudulent) e-mail activity in which the sender address and other parts of the e-mail header are altered to appear as though the e-mail originated from a different source. E-mail spoofing is a technique commonly used for spam e-mail and phishing to hide the origin of an e-mail message. By changing certain properties of the e-mail, such as the From, Return-Path and Reply-To fields (which can be found in the message header), ill-intentioned users can make the e-mail appear to be from someone other than the actual sender. The result is that, although the e-mail appears to come from the address indicated in the From field (found in the e-mail headers) it actually comes from another source. (http://en.wikipedia.org/wiki/E-mail_spoofing)
How common is email address spoofing?
Spoofed addresses are extremely common because of the high rate of successful delivery when sent to unprotected email addresses. A quick check of my own spam quarantine shows that in the past 30 days alone, Mailprotector’s spam filter caught 52 spam messages that look as though they were sent from my own email address. These messages account for over half of all the spam in my quarantine for that time period. Thanks to Mailprotector I have never received even one of these annoying pieces of email in my inbox, but my friend and others like him don’t fare so well. Many email users get spam from a spoofed address that looks like their own on a daily basis.
Is email spoofing dangerous?
Not always, but it definitely can be. Spoofing an email address is as easy as putting a forged return address on a package or envelope, and (in much the same way) it’s the contents you have to watch out for. Messages that use email spoofing to get from point A to point B may contain content that’s simply annoying, such as links to canadian pharmaceutical websites. On the flip side such messages may also contain viruses, trojans, worms, or links to phishing websites that are standing by to automatically install harmful malware as soon as you click.
How to stay safe from email spoofing
The best practice when it comes to spoofed email addresses is to simply never open an email if it’s from your own address. Just delete that sucker and move on. Even better yet, use a good email security service to filter out emails that use advanced address spoofing tactics. If you go with a managed solution such as Mailprotector, they will be blocked before they ever even get to your email server. Nice.
