Email Spoofing Explained

Put simply, email spoofing is where spammers send email that looks like it has come from a reputable source. They trick your email program (and you) into believing that the email has come from someone it hasn't. While most spoofed emails are harmless, some contain malware or attempts to get sensitive information, such as online banking and shopping login details.

Why Send Spoof Email?

Spammers generally take the time to spoof email for one of two reasons:

  1. To try to get sensitive data.
  2. To clog up email servers.

While you can bet that most spoofed email is just a nuisance designed to clog up email servers, there are some more malicious varieties. These are designed to trick you into giving the scammers confidential login details for your online banking or shopping accounts. Spoofed emails often look identical to bank or online store emails, and they ask you to click a link and log into "your account" for one reason or another. The trouble is, the links don't go to the legitimate websites of the bank or online store. They go to a fake website designed to harvest those login details from you so that the spammers can log in to your bank or online store account later.

How Do Spammers Spoof Email Addresses?

Spoofing a legitimate email address is surprisingly easy. All a spammer needs is a Simple Mail Transfer Protocol (SMTP) server and an email sending program. These programs let the sender type in any "from" address they like, because SMTP itself does nothing to verify it. Spammers use this feature to put a legitimate-seeming email address in the "from" field of their spoofed emails.

Protect Yourself

Most standard email servers don't have a way to check whether an email's "from" address has been spoofed. There are, however, a few basic things you can do to make sure you don't fall prey to spoofed email.

Learn to Read Email for Hidden Details

Whenever you receive an email asking you to click a link, get in the habit of hovering over the link and checking the pop-up link text (usually shown in the bottom left of your screen) before you click. The text you see in the email and the address the link actually points to can be completely different.
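The check described above can be automated for an HTML email body. The following is an added example, not code from the original article: it collects every link, and flags any whose visible text reads like a web address but names a different host than the real target in `href`. The sample HTML and the domains in it are constructed for the demo.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed HTML body for the demo; every domain in it is made up.
SAMPLE_HTML = """
<p>We noticed unusual activity on your account.</p>
<p>Please sign in at <a href="http://login-examplebank.example.net/verify">https://www.examplebank.com/login</a>
to confirm your details.</p>
<p>Questions? Visit <a href="https://www.examplebank.com/help">www.examplebank.com</a>
or read our <a href="https://www.examplebank.com/faq">FAQ</a>.</p>
"""

# Visible link text that reads like a URL or a bare domain, e.g. "www.examplebank.com/login".
LOOKS_LIKE_URL = re.compile(r"^(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?$", re.IGNORECASE)


class LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs for every <a> element in the body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None   # href of the <a> currently open, if any
        self._text = []     # text fragments seen inside that <a>

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            # Normalise internal whitespace so folded text compares cleanly.
            self.links.append((self._href, " ".join("".join(self._text).split())))
            self._href = None


def host_of(url_or_domain: str) -> str:
    """Hostname of a URL, or of a bare domain such as 'www.example.com/path'."""
    s = url_or_domain.strip()
    if "://" not in s:
        s = "http://" + s   # urlparse needs a scheme to find the host
    return (urlparse(s).hostname or "").lower()


def suspicious_links(html: str) -> list:
    """Links whose visible text names one host while the href goes to another."""
    collector = LinkCollector()
    collector.feed(html)
    flagged = []
    for href, text in collector.links:
        if LOOKS_LIKE_URL.match(text) and host_of(text) != host_of(href):
            flagged.append({"text": text, "href": href})
    return flagged


if __name__ == "__main__":
    for link in suspicious_links(SAMPLE_HTML):
        print("shown as", link["text"], "but goes to", link["href"])
```

Only links whose visible text looks like an address are compared; a link labelled "FAQ" or "Help center" carries no claim about where it goes, so it is left alone. The host comparison is exact, which is the right default: a mismatch is a reason to stop and look, not proof of fraud.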

You can also make sure that the address the email was actually sent from and the "from" address shown to you match. You can do this by checking the email header itself, where the receiving server records which machine handed it the message. This takes a little extra work, but is well worth it if you want to protect your sensitive information.

In some cases you can simply hover over the email address in the email itself to make sure that the "from" address matches the sending domain.

If you're still feeling suspicious about an email trying to solicit login details from you, you may need to go one step further and check the header of your email to compare the "from" address with the sending domain. Depending on your email program, you'll need to follow certain steps to find the header info for your email.

The header itself is full of important anti-spam information, and you can learn more about it in our guide to Improving Email Delivery. What you're most interested in, for spoofing, is the domain of the sending server: the Return-Path line gives the address the message will bounce to, and the earliest Received line names the server that handed the message into the mail system. If neither matches the domain in the "from" address, treat the email with suspicion.

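The header comparison above, as an added example that is not part of the original article: it parses a raw message with Python's standard `email` module, pulls the domain out of the From and Return-Path headers and the server name out of the earliest Received header, and reports which of them disagree with the "from" domain. The two sample messages, and every address, host and IP in them, are constructed for the demo; the `registered_domain` helper is a deliberate simplification (it keeps the last two labels of a hostname rather than consulting the Public Suffix List).

```python
import email
import re
from email.utils import parseaddr

# Two constructed messages for the demo; every address, host and IP here is made up.
SPOOFED_RAW = """\
Return-Path: <bounce@mail-bulk-example.net>
Received: from smtp3.mail-bulk-example.net (smtp3.mail-bulk-example.net [203.0.113.45])
    by mx.example.org with ESMTP id abc123
    for <alice@example.org>; Mon, 01 Jan 2024 10:00:00 +0000
From: "Example Bank" <security@examplebank.com>
To: alice@example.org
Subject: Please verify your account

Please log in to your account at the link below.
"""

LEGIT_RAW = """\
Return-Path: <bounce@examplebank.com>
Received: from mail1.examplebank.com (mail1.examplebank.com [198.51.100.7])
    by mx.example.org with ESMTP id def456
    for <alice@example.org>; Mon, 01 Jan 2024 11:00:00 +0000
From: "Example Bank" <security@examplebank.com>
To: alice@example.org
Subject: Your monthly statement

Your statement is ready.
"""

# A Received line normally starts "from <host> (...)": the host the relay accepted the message from.
RECEIVED_FROM = re.compile(r"^from\s+(\S+)", re.IGNORECASE)


def address_domain(header_value: str) -> str:
    """Domain part of the first address in a From/Return-Path style header."""
    _, addr = parseaddr(header_value or "")
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def registered_domain(host: str) -> str:
    """Collapse a hostname to its last two labels (demo simplification, not a
    Public Suffix List lookup): mail1.examplebank.com -> examplebank.com."""
    labels = host.strip().strip(".").lower().split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def analyze_headers(raw_message: str) -> dict:
    """Compare the From domain against the bounce address and the first sending host."""
    msg = email.message_from_string(raw_message)
    from_domain = address_domain(msg.get("From"))
    return_path_domain = address_domain(msg.get("Return-Path"))

    # Each relay prepends its own Received line, so the last one in the list is the
    # earliest hop: the server that handed the message into the mail system.
    received = msg.get_all("Received") or []
    match = RECEIVED_FROM.match(received[-1].strip()) if received else None
    sending_host = match.group(1).lower() if match else ""

    mismatches = []
    if return_path_domain and registered_domain(return_path_domain) != registered_domain(from_domain):
        mismatches.append("return-path")
    if sending_host and registered_domain(sending_host) != registered_domain(from_domain):
        mismatches.append("received")

    return {
        "from_domain": from_domain,
        "return_path_domain": return_path_domain,
        "sending_host": sending_host,
        "mismatches": mismatches,
    }


if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED_RAW), ("legitimate", LEGIT_RAW)):
        print(label, analyze_headers(raw))
```

Run as-is, the spoofed sample reports both a Return-Path and a Received mismatch against `examplebank.com`, while the legitimate sample reports none. Large senders often route mail through third-party providers, so a Return-Path on another domain is a prompt to look closer rather than a verdict on its own; the Received chain written by your own mail server is the harder-to-fake evidence.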
Finally, because spoofers want legitimate-looking addresses to send from, you may find that your own address is being used by a spammer to send spoofed email. You wouldn't notice immediately, but your address would slowly accrue spam complaints until it is blacklisted by email service providers, and your legitimate emails would no longer get through when you send them.

You can avoid having your email address harvested by not signing up to suspicious websites and email lists.

The bottom line is that if you want to protect your information from spammers and avoid falling prey to spoof emails, be careful with it. Don't enter your bank login details anywhere except your bank's home page (and make sure it's your bank), and be careful who you give your email address to.
