With rising levels of cybercrime, organisations are increasingly being caught unaware by scams and fraud. Far from being sophisticated, most of these scams rely on basic methods – such as email spoofing – to achieve their ends.
Thankfully, as the methods used are often simple to spot, users can be taught to spot them with the right training (and testing).
What Is Email Spoofing?
Email spoofing is a spam and phishing technique used by cybercriminals to trick users into believing that an email came from a person or entity they know and trust.
During a spoofing attack, the fraudster sends an email with a “From” address appearing to be a trustworthy source, such as a friend, colleague, or senior figure.
Since the core email protocols have no built-in sender authentication, it is hard for the recipient to verify the origin of the message.
Spoofed emails often bait users into opening malware attachments, clicking on malicious links, sharing sensitive information or making payments.
How To Spot A Spoofed Email
Understanding how email spoofing is typically performed can help users spot fraudulent emails.
The two most common methods are:
1. Mimicking a trusted email address by slightly changing the letters, numbers, and symbols of the original address
In this case, fraudsters register domains that are easily confused with the company they are impersonating. For instance, they will replace @example.com with @exemple.com, a difference a regular user can easily miss. Therefore, it’s a good idea to check the sender’s email address character by character, and to treat poor spelling and inconsistent grammar as warning signs.
2. Disguising the “From” field to look like a trusted source
Instead of altering a trusted email address, attackers may use it exactly as it is in the “From” header. This kind of attack is known as a domain spoofing attack, and it exploits the lack of sender verification in the underlying email protocols. Cybercriminals use public cloud infrastructure or third-party email sending services that do not verify domain ownership to spoof domains. To prevent this from happening to you, consider using email authentication standards such as DMARC.
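The lookalike check from method 1 above, as an added example that is not part of the original article: it reads the “From” header of a raw message, extracts the sender domain, folds common character swaps, and flags domains within a small edit distance of a trusted domain. The trusted-domain list, the confusable table and the sample message are all constructed for this example.

```python
# Added example: flag "From" domains that imitate a trusted domain
# (e.g. exemple.com for example.com). Not the article's or any vendor's code.
from email import message_from_string
from email.utils import parseaddr

# Constructed trust list: domains this organisation expects mail from.
TRUSTED_DOMAINS = {"example.com", "example.co.uk"}

# Constructed table of characters commonly swapped to imitate letters.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: minimum single-character edits turning a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def sender_domain(raw_message: str) -> str:
    """Return the lower-cased domain of the address part of the From header."""
    msg = message_from_string(raw_message)
    _display_name, addr = parseaddr(msg.get("From", ""))
    return addr.rpartition("@")[2].lower()


def classify_domain(domain: str) -> str:
    """'trusted', 'lookalike' or 'unrelated' relative to TRUSTED_DOMAINS."""
    if domain in TRUSTED_DOMAINS:
        # Exact use of a trusted domain (method 2) cannot be caught by
        # spelling checks; that is what DMARC is for.
        return "trusted"
    folded = domain.translate(CONFUSABLES).replace("rn", "m")
    for trusted in TRUSTED_DOMAINS:
        # A one- or two-character difference after folding is the
        # "slightly changed letters" trick; the threshold is a tuning choice.
        if edit_distance(folded, trusted) <= 2:
            return "lookalike"
    return "unrelated"


# Constructed sample message using the article's exemple.com example.
SAMPLE_SPOOF = (
    "From: Finance Director <f.director@exemple.com>\r\n"
    "To: accounts@example.com\r\n"
    "Subject: Urgent payment\r\n\r\n"
    "Please pay the attached invoice today.\r\n"
)
```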
Other Tips To Stop Phishing Emails
As well as checking email sources, there are other steps for mitigating cybercrime associated with email spoofing:
Check all links – Malicious links (to malware or fake websites) are a commonly used tactic in email spoofing, so you should always check links before you click them. Hovering your mouse over an email link will display where that link points to. If it doesn’t look right, don’t click it.
Question requests for quotes – Some spoofing scams start with a request for a quote. This is so cybercriminals can get hold of your company’s invoice stationery. They’ll then clone it, add their own bank details, and try sending the fake invoice to your customers (potentially via a spoof of your email address) to see if they pay it. If you receive a suspicious-looking enquiry, try looking up the sender and their email address in a search engine. You should be able to identify whether the request is real or not.
Be wary of urgency – Most people don’t want to upset their boss. Cybercriminals use this fact to try to get people to respond quickly, using language to create a sense of urgency. If you’ve received a request supposedly from a manager or senior colleague to make an urgent payment, take the time to verify it with them by phone. This briefest of delays can save you a lot of money.
Akita provides email and online security solutions that can help stop phishing emails and reduce the chances of your organisation becoming victim to cybercrime.