How to Spot Email Spoofing
The number of emails we get daily can be overwhelming. We could be excused for not looking at them all closely – well, almost. Except that not taking care to review emails for signs of spoofing could be a real risk to your business. Learn about email spoofing and how to avoid it in this article.
First, what is email spoofing? Don’t confuse this with the foreign prince’s plea for money. Email spoofing is much more nuanced; it’s still a cyber bad guy at work. They try to get you to download malware, enter personal credentials, or give money. Yet now they are mimicking a reputable company or source of an email. The email will, at a hurried glance, appear to be legitimate, and that’s how it works. The spoofer takes advantage of our lack of attention to accomplish their aim.
With email spoofing, the scammer tries to trick you into thinking they are a source you recognize. This might be a supervisor, a colleague, a vendor, or some other entity you work with regularly. Their goal is to get you to take an action you would not otherwise do.
The email will usually look convincing. The would-be attacker will duplicate design elements and mimic the sender’s style. So, you need to be aware.
How to Identify Email Spoofing
There are several signs to look for to identify a spoof email. First, you’ll want to check the email header information. This is a good place to look for tracking information about the message.
To view headers:
- In Gmail, open the email you want to check headers for. Next to Reply, click the three dots and choose “Show Original”.
- In Apple Mail, open the email you want to see headers for, and click View > Message > All Headers.
- In Outlook, open the email you want to check, and then click File > Properties.
Check to see:
- if the “from” email address matches the name of the person displayed as the sender;
- that the “reply-to” address is the same as the sender or the site that the email purports to be from;
- that the “return-path” is the same as the reply-to – you don’t want to think you are replying to “John Doe” when your response will go to “Scammy McScammer”.
The email header is a good starting point, but you’ll also want to ask yourself about the content of the message. If you weren’t expecting a message from that individual or organization, think twice. Also, look out for spelling or grammatical errors. A difficult-to-read message could indicate an unsolicited email from someone with a limited grasp of English.
If the email is pressuring you to act quickly or making an emotional plea for you to do something, be wary. Scammers often rely on urgency or our desire to help. That’s how they trick people into clicking on links or open attachments.
Better Safe Than Sorry
If you aren’t sure about an email’s legitimacy, slow down. Before you act, go to your contact list and send a direct message to that sender’s address to confirm the request. Or call the sender or company the sender apparently represents to verify that the email is a real one.
A managed service provider (MSP) can help you better manage email safety. Ask our IT experts to help set up email filtering and monitoring to avoid malware infection. Learn more today on 03 683 9090!
Cyber criminals want your precious client data!
What would you say to your clients if they found out their information was freely available on the internet? Download our eBook below on how to protect your business.
Search our posts
Avoid This Top IT Mistake: The “Wait and See” Approach
Patience is often a virtue, and being budget-conscious is also a plus in business. Yet taking a “wait and see” approach with business tech is a top IT mistake. There…
Businesses Beware Of Fake Meeting Requests
Hi, Important that we meet discuss speerfishing attacks over business comunicatons. We need to make plan about this IMMEDIATELY. Please click on the link [uurl.callender.com] to make an appointment with…
Think Before Sharing That Link
Learning to share is an important early-life skill. Now, you’ve mastered it, and you’re out in the workforce. Happily, digital technology makes it much easier to share business files, but…
Small Business Can’t Sacrifice Cybersecurity
For small businesses, it can be tempting to postpone cybersecurity efforts. There are many common excuses: “There’s so much to do,” “There’s not enough budget,” “Our business is too small…