InternetCorkboard
  • Security
  • Email Spam
  • Email Spoofing

    • Email Spoofing

    Published December 26, 2011
    AAA Print

    Overview

    Email spoofing is one of the biggest problems faced by Internet users. It is an activity by which an email appears to have originated from a trusted source rather than the real sending point. This is done by changing the sender's address, email header, and return path of the email. When you open or view spoofed email, you expose yourself to hackers who wish to access your inbox and personal information.

    Email spoofing is illegal. In the USA, laws against email spoofing are well pronounced, especially in Illinois, Maryland, and Washington. It is illegal to spoof an email with the intention to mislead.

    Here, any third party direction for an email is abhorred. If the email id and headers of emails are spoofed and sent with an intention to mislead, then it is considered illegal. The Federal Trade Commission has also instituted the CAN-SPAM Act, which enforces rules for commercial mail. Under the CAN-SPAM Act, it is illegal to use false or misleading header information, and ads must be identified. Recipients also have the right to quickly remove themselves from mailing lists.

    Benefits

    Spoofing has no benefits and is done for malicious reasons to spam inboxes and steal private information. Businesses may also spoof people as a way to uncover competitor information.

    In any case, spoofing technology can be advantageous. For example, people can report crimes and illegal activities without fear of retaliation.

    How It Works

    There are many methods of email spoofing. The easiest way is by changing the "from" field by making appropriate alterations in the option bar. Changing the source email field is another method. Most email services allow people to change the email address in the address field. Another method of spoofing involves changing the email header. The message will appear to have originated from a different computer server.

    Software applications can automatically spoof emails. This software generates a few email addresses. A spammer will select the least suspicious email address from which to spoof emails. This type of software is not readily available online. Programs tend to be used by hackers and are illegal. Some hackers will develop their own software.

    Another technique called "mass mailing worms" is used for email spoofing. This infestation begins with one infected email. Users open this infected mail, and then the mail self-propagates by spreading through an email address book. The pattern continues as users continue to open the mail.

    Exercise good judgment to protect yourself. An established organization will almost never send an email that is poorly written or with typos. If you are suspicious of an email, check the website that it was sent from or contact the company or organization. You may be able to report spoofed emails to a local organization or to the Federal Trade Commission.

    Companies/Brands

    The following companies provide protection against email spoofing: DKIM, Microsoft, and Open SPF.

    Last Updated: December 26, 2011
    Click to share this information

    Related Articles

    You may also like ...

    From around the web

    Note: The information provided on this site may be provided by third parties. The owners and operators of this site do not guarantee the accuracy, completeness, and compliance of the content on this site. Such content is not and shall not be deemed tax, legal, financial, or other advice, and we encourage you to confirm the accuracy of the content. Use is at your own risk, and use of this site shall be deemed acceptance of the above.