You’ve just got an email from your best friend, and there’s a link. The email address looked legitimate, so you clicked on it expecting some funny meme or kitten videos you both used to share. However, your system suddenly starts acting weirdly, and people are complaining about you sending them strange emails. You fell victim to email spoofing.
Email spoofing is a cyber attack in which a hacker sends you an email with a fabricated sender address, all to make you believe it came from a trusted source. It could be a bank, a government organization, your colleague, a friend, etc. Cybercriminals use this social engineering technique to:
While users can sometimes identify a spoofed email as spam, it still causes much trouble. For example, in 2013, a news agency received an email, which looked like it came from a legitimate Swedish company, claiming that Samsung had purchased them. By spreading false information, cybercriminals affected the named company’s stock prices. They plummeted drastically.
First, hackers need to get hold of your email address. Lots of them are available in the public domain. People tend to publish them on social media, share them with others, leave them in contact forms, etc. Newsletters or various online registration forms that intentionally collect data can leak them too.
After finding out your email, hackers can exploit your address in the following ways:
Not all email providers have strong email authentication protocols to filter out suspicious and poorly configured domains and emails. Therefore, hackers successfully exploit these loopholes to get their spoofed emails through.
To prevent email spoofing, consider the following:
Want to read more like this?
Get the latest news and tips from NordVPN