Email Spoofs

Email spoof, what is it and how to avoid being spoofed.

Most of us have heard of, or unfortunately had, viruses on our computer at some point in our lives. An email spoof is a little more inconspicuous but still prominent in the world of computing.

The word spoof means to falsify, hoax or deceive according to Webster’s dictionary. A spoofed email is intentionally altered by the sender to imply that it is coming from a legitimate source such as a bank, company, friend or an online store. The sender will alter the email with a “letterhead” look to imply someone else is trying to contact you. In many cases the spoofed email is a form of phishing or (con man) attack. In other situations, spoofing is a way of dishonestly marketing an online service or trying to sell you a bogus product.

The business spoof

Most of these will have the appearance of a well known company such Dell Computers or Microsoft. Often they are trying to get you to purchase some fake warranty or upgrade for your hardware or software. When in doubt, call the company directly and speak with the sales department about the service or product being offered in your email. Chances are, they know nothing of it or they have been flooded with similar calls.

The personal spoof

Most of us have seen this one. You get an email from a close friend saying he is stuck in the Cayman Islands and has lost his billfold, passport and everything but the clothes on his back. Naturally you want to help. After all, this is a friend of yours. This is exactly what the spoofer is relying on. In the email they are always asking for money to be wired via Western Union or some other source. Don’t fall victim to this one. Simply pick up the phone and call your friend. Most often you will find he or she is at work or home and oblivious to the situation.

The data spoof

Dishonest users or con men will alter different parts of an email disguising themselves as someone else for the purpose of getting your email contacts. The types of information they are trying to obtain and alter are;

1. From – name and address

2. Reply-To – name and address

3. Source IP – address (your IP address)

The first two properties are easily altered by using settings in your Microsoft Outlook, Gmail, Hotmail or other email services. The third property (IP address) is a bit more difficult for the con man to alter since it is difficult to make false IP addresses convincing. Difficult, but not impossible.

While some spoof-altered emails are falsified by hand, meaning a hacker actually sitting down at his computer and manually altering emails, most are created by software such as ratware. Ratware programs will often run massive built-in word lists to generate thousands of target email addresses, spoof a source email and then shoot out those emails to the list generated targets. These email address lists are generated from your contact list.

Defending yourself against spoof emails

This is where common sense and curiosity should kick in. Question the email and its contents. Be particularly cautious if it has an attachment, this is almost always a good tell-tale sign that something is not right. Think in rational terms, I know my neighbor is not in the Caymans since I just saw him last night grilling in his backyard. The IRS is not going to contact someone via email about an outstanding tax debt. If they want to contact that person, they will send a certified (hard copy) letter to their home.

Conclusion; investigate before you click on that email. Opening it may do more harm than you are able to undo. My own rule of thumb is; when in doubt, delete. Deleting suspicious emails and installing a good anti-virus program, are the best options you have for cutting your risk of being spoofed. You should also refrain from using the “reply all” option in your emails. However, while it does have some relevance here, it will be better covered in next weeks article regarding spam.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s