Definition
Email spoofing is a cyberattack in which an attacker falsifies the sender’s email address to make the email seem to originate from a trusted source.
The attacker uses this tactic to get the victim to lower their guard, hoping to trick them into clicking malicious links or downloading malware.
This is a form of social engineering in which attackers disguise themselves as people in power (like government agents or banks) or even as a friend or relative of the victim. While attackers can forge email outright, they usually use devices hijacked by malware to execute these attacks.
Examples of Email Spoofing
- An email from a friend who wants you to download a funny meme picture. However, it might contain a virus that adds your device to a spoofing botnet or uses it for further attacks.
- An email from a service provider, such as an ISP, with a link to a tempting offer or discount on their website. However, the link redirects you to a fake website that attempts to execute a malicious script in the background.
Preventing Email Spoofing
- Authenticate links and attachments before you click them and confirm the message with the sender through other means.
- Check for mistakes in the sender’s email address, as social engineering attacks depend on a lack of awareness and carelessness.
- Install dedicated antivirus software and update it regularly to protect your device from potential viruses.
- Use a robust password to protect your online accounts effectively.
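The advice above to check the sender's address for mistakes can be partly automated. The following is an added example, not part of the original page: it flags a From domain that is a near miss of a trusted one and a Reply-To that points to a different domain. The trusted domain list and the sample messages are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: domains this mailbox legitimately hears from (constructed values).
TRUSTED_DOMAINS = ("example-bank.com", "example-isp.net")

# Constructed sample messages, not real mail.
LOOKALIKE = ("From: Example Bank <alerts@examp1e-bank.com>\n"
             "Subject: Verify your account\n\nPlease confirm your details.\n")
REDIRECTED = ("From: ISP Offers <offers@example-isp.net>\n"
              "Reply-To: claims@mailbox.example\n"
              "Subject: Discount\n\nReply to claim.\n")
CLEAN = ("From: Example Bank <alerts@example-bank.com>\n"
         "Subject: Statement ready\n\nYour statement is available.\n")


def edit_distance(a, b):
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def domain_of(header_value):
    """Lower-cased domain of an address header, or '' if none is present."""
    addr = parseaddr(header_value or "")[1]
    return addr.rsplit("@", 1)[1].lower() if "@" in addr else ""


def check_sender(raw_message, trusted=TRUSTED_DOMAINS):
    """Return warnings about the sender fields of one raw message."""
    msg = message_from_string(raw_message)
    from_dom = domain_of(msg.get("From"))
    if not from_dom:
        return ["From header has no usable address"]
    warnings = []
    # One or two edits away from a trusted domain: likely a deliberate misspelling.
    for good in trusted:
        if 0 < edit_distance(from_dom, good) <= 2:
            warnings.append(f"lookalike domain: {from_dom} resembles {good}")
    # Replies routed to a different domain than the visible sender.
    reply_dom = domain_of(msg.get("Reply-To"))
    if reply_dom and reply_dom != from_dom:
        warnings.append(f"Reply-To domain {reply_dom} differs from {from_dom}")
    return warnings
```

An empty result does not prove a message is genuine, because the From address can be forged exactly; this check only catches misspelled and redirected senders.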