Has your family or friends ever received a suspicious email from your email address? Have you received a questionable email from an address that looks like it’s coming from a friend? You may think you have been hacked but, in this case, someone is faking your email address. This is known as email spoofing and it is a common occurrence within email systems.

How do you know if someone is faking your address?

Many of us tend to forward emails, send photos or documents to our own personal email addresses for safekeeping later. Scammers recognize that behavior and therefore is the perfect opportunity for them to send a link or document download with a fake email, knowing you will open emails coming from your “own” email address.

There are many ways scammers can get a hold of your email address. Through social media, your contacts, and simply the various places on the internet that you submit your email address, scammers are able to find it. If you have an email address that is publicly used to send newsletters and other emails to a wide list of people, that address is more likely to be used by scammers for email spoofing.

How does email spoofing work?

All scammers need is an SMTP or Simple Mail Transfer Protocol which is an email delivery system such as Microsoft Outlook, Gmail, Yahoo! mail, etc. to send a fake email. They must have login access to an email delivery system, but the display name and email address can be edited to be shown however they like. Scammers then use botnets to send out spoofing emails. Botnets are a group of computers that have been hijacked by a third party and are hard to trace. Botnets can send these emails to an entire contact list and mutual contacts. For more information on botnets and how spoofing emails are sent, check out this article from Makeuseof.com.

How can you prevent being a victim of email spoofing?

It all comes back to the basics. Don’t click anything in an email that looks as if it was sent by you, but you do not remember sending it. Check your sent email to verify. Trust your gut. If an email looks suspicious coming from a contact of yours, do not download any files or click on links in the email. You can hover over the link to see if it is a trusted URL. It is always good to change and strengthen your password or add multi-factor authentication.

For more information on email spoofing and ways to prevent it, contact Integrated Computer Consulting (ICC) in Fort Collins, Colorado today! 970.821.8592.