Email

Email phishing and spoofing

What is phishing?

It is the fraudulent practice of sending emails supposing to be from reputable companies but intending to induce individuals to reveal their password or credit card information.

Why do people do it?

People who perform phishing are cybercriminals, they want to steal your money or your sensitive information.

They use tricks and techniques to deceive individuals. It is easy for these scammers when users are not knowledgeable.

What is Email Spoofing?

It is the forgery of email headers to mislead the recipients about the origin of the message. Another phishing technique.

When you look at an email address in your email program (Outlook/ Thunderbird/ Mac mail), you are not seeing the true email but only the sender, the recipient/s, the subject and the body of the email. Your email software displays who an email is from in the “From” field. However, no verification is performed and therefore your email software has no way of knowing or validating if an email is actually from who it says it’s from.

When an email message is sent, there are two pieces of information sent in the headers during the initial connection which is not visible to the end user, this loophole is exploited by scammers in electronic mail, a concept well known as email spoofing in computing.

How to prevent email fraud

  • Do not click on links sent through email.
  • Do not download files or open attachments in emails from unknown senders.
  • Be very cautious with your personal information including your usernames and passwords.
  • Legitimate businesses will not send you an email to ask for your login information or sensitive personal information.
  • Verify the reply-to address.
  • Add an SPF record to prevent scammers from spoofing your domain.

Creating an SPF record You can find out more about How to create and add an SPF record to your domain to prevent scammers from spoofing your domain.

Still have questions? Contact us on any of the platforms below