Email Spoofing – What Is It?

Email Spoofing – What Is It?

Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a popular tactic used in phishing and spam campaigns. This is because people are more likely to open an email when they think a legitimate or familiar source has sent it. The goal of email spoofing is to get recipients to open, and possibly even respond to, a solicitation.

Although most spoofed emails can be easily detected and require little action other than deletion. The more malicious varieties can cause severe problems and pose security risks. For example, a spoofed email may pretend to be from a popular shopping website, asking the recipient to provide sensitive data such as a password or credit card number. Alternatively, a spoofed email may include a link that installs malware on the recipient’s device if clicked.

How Email Spoofing Works

Email spoofing can be easily achieved with a working Simple Mail Transfer Protocol (SMTP) server and mailing software like Outlook or Gmail. Once an email message is composed, the scammer can forge fields found within the message header such as the FROM, REPLY-TO and RETURN-PATH addresses. After the email is sent, it will appear in the recipient’s mailbox that appears to come from the address that was entered.

How To Spot A Spoofed Email

If a spoofed email does not appear to be suspicious to the user, it is likely it will go undetected. However, if the user does sense something is wrong, they can open and inspect the email source code. Here, the recipient can find the originating IP address of the email and trace it back to the real sender.

How To Prevent Email Spoofing

To prevent becoming a victim of email spoofing, the following practices should be put into place:

  • Keep antimalware/antivirus software up to date.
  • Do not share private or financial information through email.
  • Turn spam filters on to the strongest settings, or use tools like Gmail’s Priority Inbox.
  • Avoid clicking suspicious links or downloading suspicious attachments.
  • Never enter sensitive information into links that are not secure.
  • Learn how to open and read email headers for signs of email spoofing.
  • Conduct reverse IP lookups to verify the real sender.
  • Audit email accounts to see how they respond to SPF and DMARC

How We Can Help

If you have spotted something dodgy going on with your email, we recommend getting in touch with our team. If we provide your email, we will be able to provide additional checks for you. Such as seeing if the email originated from our servers or advanced IP detection and filtering.

At HITS, we are proud to use the latest and greatest anti-spam software such as SpamExperts. SpamExperts are leaders in the spam detection industry and provide an easy to use powerful platform for monitoring and catching spam. Our team would be delighted to show you how to check email headers so you can easily detect and identify dodgy emails in the future.


HITS – A Creative Web Design Agency based in Hampshire

Established in 2010, HITS works with a broad range of dynamic local and regional businesses. We have extensive experience in Website Design, Ecommerce, Graphic Design and SEO Services. We’re all about providing creative solutions that give small and medium-sized companies the chance to become big companies. As our clients grow, we grow. We love what we do, and we couldn’t consider doing anything else.

If you would like to find out more, then please contact us on 01264 316141 or via email at info@hampshireitsolutions.com