Have you ever been spoofed before? One way or another, everyone has experienced spoofing. Whether it’s a prank pulled on you by your roommate or your favorite film is wildly exaggerated in the movies, you’ve seen it. There is however, a darker and more destructive kind of spoofing known as, email spoofing. Just how destructive can email spoofing be? Imagine yourself logging into your email and finding numerous bounce back emails. Imagine your co-workers asking you to stop sending them ads or worse, asking you to give back the money that they just wired to your account.
What is Email Spoofing?
In its basic sense, email spoofing is a forged email. At first glance, it may seem that an email originated from someone you know or even yourself. Or, it can appear as though it came from someone within your company. Spoofing is just a part of a grander online scam. It is used by spammers who are “spear phishing” for information from unknowing users. These hackers most commonly target credit card information, banking login details and company trade secrets. According to a study last year, spear phishing cost large companies an average of $1.6 million.
How Does Spoofed Email Differ From Hacked Email?
A hacked email would comprise of a hacker actually gaining access to your mailbox and sending emails to recipients, using your own mail servers. This can be verified if you find emails in your sent items that you haven’t sent out personally.
A spoofed email in contrast would have no emails in your sent items because your mailbox wasn’t used at all. The cyber criminals are using your email address to make it seem as though their forged email came from you or from someone you know.
Guarding Against Spoofing
Your IT Managed Services Provider (MSP) or internal IT contact should have an email filter setup for your company, as a best practice. In most cases, spam and unwanted emails will never reach your mailbox. However, this doesn’t guarantee that you will never receive spoofed emails. Complex algorithms and filter settings cannot be overly sensitive; otherwise you may not receive any email at all. This is exploited by cyber criminals and thus spoofed emails sometimes pass through security checks. How can we therefore guard against spoofing?
Keep Your Anti-Virus up to Date
This is your last line of defense against malware or virus introduced via Email. Most anti-virus software will block compromised email attachments and warn you about opening links.
Implement a Password Policy
Habitually change your password. This may seem to be bothersome at times, but it is still a good countermeasure to prevent compromising your account. Some of the easiest passwords to break are those associated with your personal data e.g. birthday, social security number, etc. If your password appears on the list of the top most common passwords of 2016, then you are overdue for a reset.
Educate, Educate, Educate
If you have time to spare, read up on cyber security and spear phishing. There are a lot of resources over the internet on this topic. Make sure to brush up your skills on the different why’s and how to’s against these online scams. It is important to learn what simple actions can be taken to safeguard your personal information and company data, such as, avoid posting your email address online. As anything on the internet is fair game, everything you post online can be captured by spammers. They need not do it themselves either as these spammers have harvesters or “harvester bots” to capture email addresses online.
Have a secondary email address. If you need to subscribe to a newsletter or sign up for a coupon at your local supermarket then consider creating another email account that you may not want to keep. For unimportant online transactions there is always Google or Hotmail.
Once an email address is spoofed, there is little we can do about it. The steps above will help in securing your account moving forward. Therefore it is imperative that you prevent your email from being compromised.
Identifying Spoofed Emails
“Spear Phishers” are getting more sophisticated and creative when spoofing emails. They have all the time in the world to generate a very “authentic” looking email. Separating spoofed emails from the real ones may take a little getting used to. Here are a few things to do and lookout for to safeguard against attacks:
- The display name is the easiest thing to spoof. Make it a habit to check the email address.
- Spoofed emails will almost always contain attachments or links to different websites that can infect your computer. Be wary of those links.
- Email asking for detailed and at times, personal questions e.g. Social Security Number etc.
- Always remember that login credentials should never be asked (or freely given) over email, if asked.
- Subject lines marked “urgent” or “time sensitive” must be scrutinized even further.
- Verify the signature or the email construction from previous emails or, better yet, if you know who sent the email, contact them directly.
These are only personal guard rails against spoofed emails. It is not, however, a guarantee that a spoofed email will be spotted. When in doubt, report it to your MSP or internal IT contact once.
What to do When You Receive a Spoofed Email?
Inform Your MSP or Internal IT Department
Once an email is spoofed, your email administrators will have to work on tracing the originating IP Address and block it at a domain level if needed. The administrators will also be responsible to ensure that your mail servers have the latest security protocols in place to prevent and filter spoofed emails.
Do Not Open the Email
Create a new email instead, add the suspected email as an attachment and send it to your support team and delete the suspicious email afterwards. Do not forward the email to your support team as the email header will be changed and tracking the original sender will be difficult.
Do Not Open Any Attachments
These will most likely be malicious software aimed at infiltrating your company’s network.
Do Not Click on Any Hyperlinks
Most spammers know that anti-virus software will detect malicious attachments. Instead, they use websites of their own making to lure users into keying their credentials or other personal data and capture it using key loggers.
At the end of the day, your awareness about these kinds of online scams will protect you from falling victim. Educating yourself and your employees together with a reputable Managed Service Provider will most certainly increase your security against Spoofing.