What is Email Spoofing?

Email Spoofing is where an attacker mimics someones name or email address on an email trying to trick their victim into responding and unknowingly perform malicious acts.

Another common form of Email Spoofing if whats called a Business Email Compromise (BEC) Attack. This is where an email account is compromised through any number of ways, but the account isn’t used to attack the victims network or steal their data. The email account is used to conduct other attacks, usually Spear Phishing. That is why if you are contacted by someone you know but the message doesn’t seem normal, either spelling, grammar, or the content, it is best to contact that person via other means instead of email.

How to detect Email Spoofing

There is usually something wrong with the email. For example: Their email signature is different than normal or the content might seem out of the ordinary.

If you are suspicious, check the email address that the message came from. Most smart phones and email applications will hide the email address and show only the persons name. The attackers know this and are able to edit the email to have the victims email client show the name of the person they are spoofing. Usually if you click on the persons name in the email it will show their email address. For example: The attacked with mimic Jane Doe (DoeJ@brandonu.ca) by using an email address of DoeJane@hotmail.com. The real account and the spoofed email will show Jane Doe as the sender but if you don’t look at the email address you wouldn’t know something is wrong.

Also, if you are unsure you can forward the message to AntiSpam@brandonu.ca. IT Services can review the message in the email logs and confirm if the sender if legitimate or not.

For more information please visit the Get Cyber Safe Spoofing website.