How To Tell If An Email Message Is Really From Who It Says It's From

What Is Spoofing? Senders of malicious email messages, such as phishing emails and those containing viruses and malware, will use a "spoofed" return email address to hide their real identity and trick a recipient into thinking the message came from, for example, their bank. Often this will be a valid email address of an unknowing third party. Banking and financial institution email addresses are especially popular. There is no way to prevent this type of abuse, as a spoofer does not need access to an email account, only the email address.

Why Do People Do This? The purpose is to trick a recipient into either providing personal financial account numbers and/or passwords to banking websites or email accounts, or into clicking a link that will install a virus, trojan, fake antivirus or other malware. Such malware is designed to, among other things, steal personal and financial information, or hijack your computer by alleging that it has multiple viruses and then demanding payment via credit card for the "antivirus software" that allegedly detected them, in order to "clean" the alleged viruses from your computer.

How Do They Send Spoofed Email? There are free software programs that can be set up to send "spoofed" email. It can even be done from the command line on your computer. Another requirement is what's called an "open SMTP relay" server. An open mail relay is an email server configured in such a way that it allows anyone on the Internet to send e-mail through it, not just mail destined to or originating from known users. This used to be the default configuration in many mail servers; indeed, it was the way the Internet was initially set up, but open mail relays have become unpopular due to their exploitation by spammers and worms. Many relays were closed, or were placed on blacklists by other servers. But others exist solely for malicious purposes. Below is an example of using the command line to send a spoofed email.


So How Do I Know For Sure An Email Is Spoofed? There are several ways to tell if a message is "spoofed":
- Emails from banks or finance-related sources that do not address you by the name you registered with them should be suspected of being spoofed. eBay, PayPal and banks will never send out general emails saying “Dear valued customer”, or “Dear member” etc…
- You can quickly tell if the link in the email is a spoof by hovering your mouse over the link in the email and comparing it with the link appearing in the status bar.
- View the “FULL message header” to know where the email came from.
- Read your email carefully and look for any spelling or grammatical mistakes.
- Consider any website asking for your PIN (personal identification number) as a spoof.
- Some spoof sites will include pop-up message boxes. It is better if you do not entertain such emails.
- Most spoof emails will create a false sense of urgency like a message saying that your account will be locked out or deleted if you don’t act quickly.
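
The "FULL message header" check from the list above, as an added example that is not part of the original article: it parses a message's headers and reports sender-domain mismatches, failed authentication verdicts and the earliest relay address. The sample message is constructed, the `example.*` domains and `203.0.113.45` are placeholders, the function names are assumptions, and it relies on the receiving server having added an `Authentication-Results` header, which the article does not mention.

```python
from email import message_from_string
from email.utils import parseaddr
import re

# Constructed sample message (not a real email); all domains and the IP are placeholders.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=bank.example.com
Received: from unknown (HELO mailer.example.net) (203.0.113.45) by mx.example.org; Mon, 1 Jan 2024 10:00:00 +0000
From: "Your Bank" <security@bank.example.com>
Reply-To: helpdesk@mailer.example.net
To: you@example.org
Subject: Urgent: your account will be locked

Dear valued customer, ...
"""

def domain(value):
    """Return the lower-cased domain of an address header value, or ''."""
    addr = parseaddr(value or "")[1]
    return addr.rpartition("@")[2].lower()

def spoof_indicators(raw):
    """Return a list of findings from the headers of a raw message."""
    msg = message_from_string(raw)
    findings = []
    from_dom = domain(msg["From"])
    # A Return-Path or Reply-To on another domain is a reason to look closer.
    for hdr in ("Return-Path", "Reply-To"):
        d = domain(msg[hdr])
        if d and d != from_dom:
            findings.append(f"{hdr} domain {d} differs from From domain {from_dom}")
    # Authentication-Results is written by the receiving server (RFC 8601).
    results = " ".join(msg.get_all("Authentication-Results") or [])
    for method, verdict in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", results, re.I):
        if verdict.lower() != "pass":
            findings.append(f"{method.lower()}={verdict.lower()}")
    # Received headers are prepended, so the last one is the earliest hop.
    # Hops recorded before your own provider's servers can be forged.
    received = msg.get_all("Received") or []
    if received:
        ips = re.findall(r"\((\d{1,3}(?:\.\d{1,3}){3})\)", received[-1])
        if ips:
            findings.append(f"earliest hop IP {ips[0]}")
    return findings

if __name__ == "__main__":
    for finding in spoof_indicators(SAMPLE):
        print("-", finding)
```

A domain mismatch alone is not proof of spoofing, since legitimate bulk mail is often sent through a third-party service; weigh it together with the authentication verdicts.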

