From holiday scams and data leaks to CEO phishing, we have covered quite a few topics on how to protect yourself, your employees and your business against scammers trying to steal your identity and hard-earned money. Some scams are new and inventive, while others, like spoofing, are tried-and-true tools that prey on human nature to gain unauthorized access to your workstation, your data, or your personal and financial information.
According to a study by McAfee Labs, 80% of business users failed to spot a malicious email. Recently, we’ve heard from several customers about “spoofing” attempts. E-mail spoofing is a technique commonly used in spam and phishing to hide the true origin of a message. By setting certain properties of the e-mail, such as the From, Return-Path and Reply-To fields (all found in the message header), ill-intentioned users can make the e-mail appear to come from someone other than the actual sender. Scammers “spoof” because they know you are more likely to welcome and act on an email from a familiar party (family, a friend, or a vendor like PayPal, Amazon or QuickBooks).
Spoofing is possible because email was designed to let many systems (your primary mail system, your accounting system, your CRM system, your website, etc.) send mail on your behalf, and the underlying mail protocol does not check that the address in the From field actually belongs to the system that sent the message. The same flexibility that lets your own systems send your mail is what makes spoofing possible.
Part of the threat related to spoofing is that it does not rely on malware or a virus, so there is very little for security software or hardware to detect, and such protections are not entirely effective at filtering out this kind of email.
How to identify a spoofed email
There are a number of ways to quickly and proactively identify a spoofed email before acting on it. Here are some things to look out for:
1. Absence of company logos and letterheads.
2. Poor grammar and/or spelling.
3. The body of the message is an image rather than true text.
4. File attachments ending in .exe, .zip, .bat or any other executable or container-type file.
5. Check the domain the email claims to come from, the part of the address after the @ sign. Often it will contain the name of the familiar company, but with extra information around it. For example, a message that looks like it is from Amazon might come from an address at a lookalike domain such as amazon.xyz123.com (a made-up illustration): the “amazon” part was added to make it look familiar to you, but the domain it really came from was xyz123.com. Keep in mind that the From field itself can be forged, so a familiar-looking domain is not proof on its own; if the Reply-To or Return-Path fields in the header point to a different domain than the From field, that is another warning sign.
6. Do you have a bad “gut feeling” about the email? Our instincts are honed to pick up slight aberrations subconsciously, so trust your gut and check with our support team before you click any links or give up any information.
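As an added example (not code from the original post or from Intermedia), the following Python script turns several of the checks above into something you can run over a saved message: it parses the raw email, compares the domains in the From, Reply-To and Return-Path headers, looks for a well-known brand name buried in a lookalike domain, and flags attachments with risky extensions. The two sample messages, the domain xyz123.com, the brand list and the extra extensions beyond .exe/.zip/.bat are constructed assumptions for illustration.

```python
"""Header and attachment checks for a suspicious e-mail.

Added example, not code from the original post: it parses a raw message and
flags the signs of spoofing described above. Domains, brand list and the
sample messages are constructed for illustration.
"""
import email
import os
from email import policy
from email.utils import parseaddr
from typing import Dict, List, Optional, Tuple

# Extensions the post calls out (.exe, .zip, .bat) plus a few more
# executable/container types; the extra entries are an assumption.
RISKY_EXTENSIONS = {".exe", ".zip", ".bat", ".scr", ".js", ".iso", ".7z"}

# Assumed list of brands and their genuine sending domains.
KNOWN_BRANDS: Dict[str, Tuple[str, ...]] = {
    "amazon": ("amazon.com",),
    "paypal": ("paypal.com",),
}

# Constructed sample: the visible From claims Amazon, but the domain is a
# lookalike, and Reply-To / Return-Path point somewhere else entirely.
SPOOFED_RAW = b"""Return-Path: <bounce@xyz123.com>
From: "Amazon Billing" <billing@amazon.xyz123.com>
Reply-To: <collections@xyz123.com>
To: you@yourcompany.example
Subject: URGENT: your account will be suspended
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Open the attached invoice immediately.
--b1
Content-Type: application/zip; name="invoice.zip"
Content-Disposition: attachment; filename="invoice.zip"

(placeholder attachment body)
--b1--
"""

# Constructed sample of a message whose headers are consistent.
CLEAN_RAW = b"""Return-Path: <orders@amazon.com>
From: "Amazon" <orders@amazon.com>
To: you@yourcompany.example
Subject: Your order has shipped
Content-Type: text/plain

Your package is on its way.
"""


def domain_of(header_value: str) -> str:
    """Lowercase domain of an address header value, or '' if there is none."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()


def lookalike_brand(domain: str,
                    brands: Dict[str, Tuple[str, ...]] = KNOWN_BRANDS) -> Optional[str]:
    """Return the brand name if it appears in the domain but the domain is not
    (a subdomain of) one of that brand's genuine domains, e.g. amazon.xyz123.com."""
    for brand, genuine in brands.items():
        if brand in domain and not any(
            domain == g or domain.endswith("." + g) for g in genuine
        ):
            return brand
    return None


def check_message(raw: bytes) -> List[str]:
    """Apply the header and attachment checks and return human-readable findings."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings: List[str] = []

    from_dom = domain_of(msg.get("From", ""))
    reply_dom = domain_of(msg.get("Reply-To", ""))
    # Return-Path is written by the receiving mail server from the envelope
    # sender, so when it disagrees with From, the From was chosen to look
    # familiar rather than to reflect where bounces and replies really go.
    return_dom = domain_of(msg.get("Return-Path", ""))

    if reply_dom and reply_dom != from_dom:
        findings.append(f"Reply-To domain {reply_dom} differs from From domain {from_dom}")
    if return_dom and return_dom != from_dom:
        findings.append(f"Return-Path domain {return_dom} differs from From domain {from_dom}")

    brand = lookalike_brand(from_dom)
    if brand:
        findings.append(f"From domain {from_dom} contains '{brand}' but is not a genuine {brand} domain")

    # Only true attachments are inspected; the text body parts are skipped.
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if os.path.splitext(name)[1].lower() in RISKY_EXTENSIONS:
            findings.append(f"risky attachment type: {name}")

    return findings


if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED_RAW), ("clean", CLEAN_RAW)):
        print(label, check_message(raw) or ["no findings"])
```

Two caveats when using something like this: the From and Reply-To headers are plain text chosen by whoever sent the message, so headers that all agree prove nothing on their own, and the brand check is deliberately simple (a genuine brand domain not in the list, or a brand name that happens to appear in an unrelated domain, will be flagged). The script catches the sloppy spoofs; the gut check and a phone call to the supposed sender still cover the rest.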
How to avoid malicious emails
- Be wary of email requests that demand urgency and quick action. If you are ever in doubt, double check the request with the sender either by phone or by composing a new email—never reply to the email itself.
- Never give personal or financial information over email. Trusted parties will never ask you for personal information through email.
- Don’t click on links from messages that contain misspellings. If an email from a well-known company is formatted badly, has obvious misspellings or is unrelated to the product or company, this is a red flag.
- Think about whether you initiated the action. Always be suspicious of unsolicited email: if you didn’t request a password reset, don’t click the link.
If you ever have a question about an email you receive, don’t hesitate to give us a call. With cybersecurity threats on the rise, it really is better to be safe than sorry – and we are here to help!
Note: Thanks to our friends at Intermedia for providing several tips
on how to avoid phishing. They have published an informative e-book,